Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:237: cpio Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the cpio package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:237 (cpio).
A buffer overflow in cpio 2.6 on 64-bit platforms could allow a local user to
create a DoS (crash) and possibly execute arbitrary code when creating a cpio
archive with a file whose size is represented by more than 8 digits. The
updated packages have been patched to correct these problems.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:237
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.