| |||||||||||||
| Test ID: | 1.3.6.1.4.1.25623.1.0.51331 |
| Category: | Conectiva Local Security Checks |
| Title: | Conectiva Security Advisory CLA-2004:809 |
| Summary: | Conectiva Security Advisory CLA-2004:809 |
| Description: | The remote host is missing updates announced in advisory CLA-2004:809. Screen[1] is a program which allows the use of several sessions inside a single terminal. Timo Sirainen reported[2] a buffer overflow vulnerability[3] in the screen package which could be exploited by an attacker who is able to send about 2Gb of data to the user's screen session. Additionally, a fix for a potential problem with window sizes has been incorporated in these updated packages. Please note that screen is not installed setuid/setgid. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.securityspace.com/smysecure/catid.html?in=CLA-2004:809 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002004 Risk factor : Critical |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2003-0972 Bugtraq: 20031127 GNU screen buffer overflow (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=106995837813873&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2003:113 Debian Security Information: DSA-408 (Google Search) http://www.debian.org/security/2004/dsa-408 Conectiva Linux advisory: CLA-2004:809 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000809 http://secunia.com/advisories/10539 |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |
|
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois
© 1998-2013 E-Soft Inc. All rights reserved.