Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.68211 |
Category: | Ubuntu Local Security Checks |
Title: | Ubuntu USN-955-2 (libpam-opie) |
Summary: | NOSUMMARY |
Description: | Description: The remote host is missing an update to libpam-opie announced via advisory USN-955-2. Details follow: USN-955-1 fixed vulnerabilities in OPIE. This update provides rebuilt libpam-opie packages against the updated libopie library. Original advisory details: Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly handled long usernames. A remote attacker could exploit this with a crafted username and make applications linked against libopie crash, leading to a denial of service. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.04: libpam-opie 0.21-8build1.9.04.1 Ubuntu 9.10: libpam-opie 0.21-8build2.1 Ubuntu 10.04 LTS: libpam-opie 0.21-8build3.1 In general, a standard system update will make all the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-955-2 Risk factor : Critical CVSS Score: 9.3 |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-1938 BugTraq ID: 40403 http://www.securityfocus.com/bid/40403 Debian Security Information: DSA-2281 (Google Search) http://www.debian.org/security/2011/dsa-2281 http://www.exploit-db.com/exploits/12762 FreeBSD Security Advisory: FreeBSD-SA-10:05 http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc http://blog.pi3.com.pl/?p=111 http://site.pi3.com.pl/adv/libopie-adv.txt http://securitytracker.com/id?1024040 http://securitytracker.com/id?1025709 http://secunia.com/advisories/39963 http://secunia.com/advisories/39966 http://secunia.com/advisories/45136 http://securityreason.com/securityalert/7450 http://securityreason.com/achievement_securityalert/87 |
Copyright | Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |