Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2002:050: glibc Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the glibc package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2002:050 (glibc).
A buffer overflow vulnerability was found in the way that the glibc resolver
handles the resolution of network names and addresses via DNS in glibc versions
2.2.5 and earlier. Only systems using the 'dns' entry in the 'networks' database
in /etc/nsswitch.conf are vulnerable to this issue. By default, Mandrake Linux
has this database set to 'files' and is not vulnerable. Likewise, a similar bug
is in the glibc-compat packages which provide compatability for programs
compiled against 2.0.x versions of glibc.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2002:050
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.