Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN4-1 : Standard C library script vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
Standard C library script vulnerabilities

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- glibc-doc
- libc6
- libc6-dbg
- libc6-dev
- libc6-i686
- libc6-pic
- libc6-prof
- locales
- nscd

Description :

Recently, Trustix Secure Linux discovered some vulnerabilities in the
libc6 package. The utilities "catchsegv" and "glibcbug" created
temporary files in an insecure way, which allowed a symlink attack to
create or overwrite arbitrary files with the rights of the user
invoking the program.

Solution :

Upgrade to :
- glibc-doc-2.3.2.ds1-13ubuntu2.2 (Ubuntu 4.10)
- libc6-2.3.2.ds1-13ubuntu2.2 (Ubuntu 4.10)
- libc6-dbg-2.3.2.ds1-13ubuntu2.2 (Ubuntu 4.10)
- libc6-dev-2.3.2.ds1-13ubuntu2.2 (Ubuntu 4.10)
- libc6-i686-2.3.2.ds1-13ubuntu2.2 (Ubuntu 4.10)
- libc6-pic-2.3.2.ds1-13ubuntu2.2 (Ubuntu 4.10)
- libc6-prof-2.3.2.ds1-13ubuntu2.2 (Ubuntu 4.10)
- locales-2.3.2.ds1-13ubuntu2.2 (Ubuntu 4.10)
- nscd-2.3.2.ds1-13ubuntu2.2 (Ubuntu 4.10)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.