Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2003:037: glibc Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the glibc package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2003:037 (glibc).
An integer overflow was discovered by eEye Digital Security in the
xdrmem_getbytes() function of glibc 2.3.1 and earlier. This function is part of
the XDR encoder/decoder derived from Sun's RPC implementation. Depending upon
the application, this vulnerability can cause buffer overflows and could
possibly be exploited to execute arbitray code.
The provided packages contain patches that correct this issue and all users
should upgrade. Please note that users of Mandrake Linux 9.1 already have this
fix in the 9.1-released glibc packages.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:037
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.