 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.53394 |
| Category: | Debian Local Security Checks |
| Title: | Debian Security Advisory DSA 116-1 (cfs) |
| Summary: | The remote host is missing an update to cfs;announced via advisory DSA 116-1. |
| Description: | Summary: The remote host is missing an update to cfs announced via advisory DSA 116-1. Vulnerability Insight: Zorgon found several buffer overflows in cfsd, a daemon that pushes encryption services into the Unix(tm) file system. We are not yet sure if these overflows can successfully be exploited to gain root access to the machine running the CFS daemon. However, since cfsd can easily be forced to die, a malicious user can easily perform a denial of service attack to it. This problem has been fixed in version 1.3.3-8.1 for the stable Debian distribution and in version 1.4.1-5 for the testing and undtable distribution of Debian. Solution: We recommend that you upgrade your cfs package immediately. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2002-0351 BugTraq ID: 4219 http://www.securityfocus.com/bid/4219 Debian Security Information: DSA-116 (Google Search) http://www.debian.org/security/2002/dsa-116 http://www.iss.net/security_center/static/8330.php |
| Copyright | Copyright (C) 2008 E-Soft Inc. |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |