Test Kennung:	1.3.6.1.4.1.25623.1.0.53159
Kategorie:	Debian Local Security Checks
Titel:	Debian Security Advisory DSA 461-1 (calife)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to calife announced via advisory DSA 461-1. Calife, a program which provides super user privileges to specific users, was found to contain a buffer overflow related to the getpass(3) library function. A local attacker could potentially exploit this vulnerability, given knowledge of a local user's password and the presence of at least one entry in /etc/calife.auth, to execute arbitrary code with root privileges. For the current stable distribution (woody) this problem has been fixed in version 2.8.4c-1woody1. For the unstable distribution (sid) this problem has been fixed in version 2.8.6-1. We recommend that you update your calife package. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%20461-1 CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 9756 Common Vulnerability Exposure (CVE) ID: CVE-2004-0188 http://www.securityfocus.com/bid/9756 BugTraq ID: 9776 http://www.securityfocus.com/bid/9776 Bugtraq: 20040227 Calife heap corrupt / potential local root exploit (Google Search) http://marc.info/?l=bugtraq&m=107789737832092&w=2 Bugtraq: 20040227 Re: Calife heap corrupt / potential local root exploit (Google Search) Debian Security Information: DSA-461 (Google Search) http://www.debian.org/security/2004/dsa-461 XForce ISS Database: calife-long-password-bo(15335) https://exchange.xforce.ibmcloud.com/vulnerabilities/15335
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.