Nessus Plugin #15109
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[DSA272] DSA-272-1 dietlibc
- Family:
- Debian Local Security Checks
- Category:
- infos
- Copyright:
- This script is (C) 2004 Michel Arboi
- Summary:
- DSA-272-1 dietlibc
- Version:
- $Revision: 1.4 $
- Cve_id:
- CAN-2003-0028
- Bugtraq_id:
- 7123
- Xrefs:
- DSA:272, CERT:516825
- Description:
eEye Digital Security discovered an integer overflow in the
xdrmem_getbytes() function of glibc, that is also present in dietlibc,
a small libc useful especially for small and embedded systems. This
function is part of the XDR encoder/decoder derived from Sun's RPC
implementation. Depending upon the application, this vulnerability
can cause buffer overflows and could possibly be exploited to execute
arbitrary code.
For the stable distribution (woody) this problem has been
fixed in version 0.12-2.5.
The old stable distribution (potato) does not contain dietlibc
packages.
For the unstable distribution (sid) this problem has been
fixed in version 0.22-2.
We recommend that you upgrade your dietlibc packages.
Solution : http://www.debian.org/security/2003/dsa-272
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.