Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.53159 |
Kategorie: | Debian Local Security Checks |
Titel: | Debian Security Advisory DSA 461-1 (calife) |
Zusammenfassung: | NOSUMMARY |
Beschreibung: | Description: The remote host is missing an update to calife announced via advisory DSA 461-1. Calife, a program which provides super user privileges to specific users, was found to contain a buffer overflow related to the getpass(3) library function. A local attacker could potentially exploit this vulnerability, given knowledge of a local user's password and the presence of at least one entry in /etc/calife.auth, to execute arbitrary code with root privileges. For the current stable distribution (woody) this problem has been fixed in version 2.8.4c-1woody1. For the unstable distribution (sid) this problem has been fixed in version 2.8.6-1. We recommend that you update your calife package. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%20461-1 CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
Querverweis: |
BugTraq ID: 9756 Common Vulnerability Exposure (CVE) ID: CVE-2004-0188 http://www.securityfocus.com/bid/9756 BugTraq ID: 9776 http://www.securityfocus.com/bid/9776 Bugtraq: 20040227 Calife heap corrupt / potential local root exploit (Google Search) http://marc.info/?l=bugtraq&m=107789737832092&w=2 Bugtraq: 20040227 Re: Calife heap corrupt / potential local root exploit (Google Search) Debian Security Information: DSA-461 (Google Search) http://www.debian.org/security/2004/dsa-461 XForce ISS Database: calife-long-password-bo(15335) https://exchange.xforce.ibmcloud.com/vulnerabilities/15335 |
Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |