Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.68211
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu USN-955-2 (libpam-opie)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to libpam-opie
announced via advisory USN-955-2.

Details follow:

USN-955-1 fixed vulnerabilities in OPIE. This update provides rebuilt
libpam-opie packages against the updated libopie library.

Original advisory details:

Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly
handled long usernames. A remote attacker could exploit this with a crafted
username and make applications linked against libopie crash, leading to a
denial of service.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.04:
libpam-opie 0.21-8build1.9.04.1

Ubuntu 9.10:
libpam-opie 0.21-8build2.1

Ubuntu 10.04 LTS:
libpam-opie 0.21-8build3.1

In general, a standard system update will make all the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-955-2

Risk factor : Critical

CVSS Score:
9.3

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2010-1938
BugTraq ID: 40403
http://www.securityfocus.com/bid/40403
Debian Security Information: DSA-2281 (Google Search)
http://www.debian.org/security/2011/dsa-2281
http://www.exploit-db.com/exploits/12762
FreeBSD Security Advisory: FreeBSD-SA-10:05
http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc
http://blog.pi3.com.pl/?p=111
http://site.pi3.com.pl/adv/libopie-adv.txt
http://securitytracker.com/id?1024040
http://securitytracker.com/id?1025709
http://secunia.com/advisories/39963
http://secunia.com/advisories/39966
http://secunia.com/advisories/45136
http://securityreason.com/securityalert/7450
http://securityreason.com/achievement_securityalert/87
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.