Nessus Plugin #15166
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[DSA329] DSA-329-1 osh
- Family:
- Debian Local Security Checks
- Category:
- infos
- Copyright:
- This script is (C) 2004 Michel Arboi
- Summary:
- DSA-329-1 osh
- Version:
- $Revision: 1.4 $
- Cve_id:
- CAN-2003-0452
- Bugtraq_id:
- 7992, 7993
- Xrefs:
- DSA:329
- Description:
Steve Kemp discovered that osh, a shell intended to restrict the
actions of the user, contains two buffer overflows, in processing
environment variables and file redirections. These vulnerabilities
could be used to execute arbitrary code, overriding any restrictions
placed on the shell.
For the stable distribution (woody) this problem has been fixed in
version 1.7-11woody1.
The old stable distribution (potato) is affected by this problem, and
may be fixed in a future advisory on a time-available basis.
For the unstable distribution (sid) this problem is fixed in version
1.7-12.
We recommend that you update your osh package.
Solution : http://www.debian.org/security/2003/dsa-329
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.