Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2002:031: glibc Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the glibc package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2002:031 (glibc).
An integer overflow has been discovered in the xdr_array() function,
contained in the Sun Microsystems RPC/XDR library, which is part of
the glibc library package on all SUSE products. This overflow allows
a remote attacker to overflow a buffer, leading to remote execution of
arbitrary code supplied by the attacker.
There is no temporary workaround for this security problem other than
disabling all RPC based server and client programs. The permanent
solution is to update the glibc packages with the update packages
Solution : http://www.suse.de/security/2002_031_glibc.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.