 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.51018 |
| Category: | Red Hat Local Security Checks |
| Title: | RedHat Security Advisory RHSA-2003:285 |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing updates announced in advisory RHSA-2003:285. SANE is a package for using document scanners. Sane includes a daemon program (called saned) that enables a single machine connected to a scanner to be used remotely. This program contains several vulnerabilities. NOTE: Although the SANE packages include this program, it is not used by default under Red Hat Enterprise Linux. The IP address of the remote host is only checked after the first communication occurs, causing saned.conf restrictions to be ineffective for the first communication. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0773 to this issue. A connection that is dropped early causes one of several problems. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2003-0774, CVE-2003-0775, and CVE-2003-0777 to these issues. Lack of error checking can cause various other unfavorable consequences. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2003-0776 and CVE-2003-0778 to these issues. Users of SANE (particularly those that use saned for remote scanner access) should upgrade to these errata packages, which contain a backported security patch to resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2003-285.html Risk factor : High CVSS Score: 7.5 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2003-0773 BugTraq ID: 8593 http://www.securityfocus.com/bid/8593 BugTraq ID: 8595 http://www.securityfocus.com/bid/8595 Debian Security Information: DSA-379 (Google Search) http://www.debian.org/security/2003/dsa-379 http://www.mandriva.com/security/advisories?name=MDKSA-2003:099 http://www.redhat.com/support/errata/RHSA-2003-278.html http://www.redhat.com/support/errata/RHSA-2003-285.html SCO Security Bulletin: CSSA-2004-005.0 ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-005.0/CSSA-2004-005.0.txt SuSE Security Announcement: SuSE-SA:2003:046 (Google Search) http://www.novell.com/linux/security/advisories/2003_046_sane.html Common Vulnerability Exposure (CVE) ID: CVE-2003-0774 Common Vulnerability Exposure (CVE) ID: CVE-2003-0775 BugTraq ID: 8600 http://www.securityfocus.com/bid/8600 Common Vulnerability Exposure (CVE) ID: CVE-2003-0776 Common Vulnerability Exposure (CVE) ID: CVE-2003-0777 BugTraq ID: 8597 http://www.securityfocus.com/bid/8597 Common Vulnerability Exposure (CVE) ID: CVE-2003-0778 BugTraq ID: 8596 http://www.securityfocus.com/bid/8596 |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |