Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2002:026: libsafe Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the libsafe package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2002:026 (libsafe).

Wojciech Purczynski discovered that format string protection in libsafe can be
easily bypassed by using flag characters that are implemented in glibc but are
not implemented in libsafe. It was also discovered that *printf function
wrappers incorrectly parse argument indexing in format strings, making some
incorrect assumptions on the number of arguments and conversion specifications.
These problems were fixed by the libsafe authors in 2.0-12.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.