|Category:||FreeBSD Local Security Checks|
|Title:||FreeBSD Ports: unace|
|Summary:||FreeBSD Ports: unace|
The remote host is missing an update to the system
as announced in the referenced advisory.
The following package is affected: unace
Multiple buffer overflows in unace 1.2b allow attackers to execute
arbitrary code via (1) 2 overflows in ACE archives, (2) a long command
line argument, or (3) certain 'Ready for next volume' messages.
Multiple directory traversal vulnerabilities in unace 1.2b allow
attackers to overwrite arbitrary files via an ACE archive containing
(1) ../ sequences or (2) absolute pathnames.
Update your system with the appropriate patches or
Common Vulnerability Exposure (CVE) ID: CVE-2005-0160|
SuSE Security Announcement: SUSE-SR:2005:016 (Google Search)
CERT/CC vulnerability note: VU#215006
BugTraq ID: 12630
Common Vulnerability Exposure (CVE) ID: CVE-2005-0161
BugTraq ID: 12628
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 58768 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.