|
Family: Debian Local Security Checks --> Category: infos
[DSA121] DSA-121-1 xtell Vulnerability Scan
Vulnerability Scan Summary DSA-121-1 xtell
Detailed Explanation for this Vulnerability Test
Several security related problems have been found in the xtell
package, a simple messaging client and server. In detail, these
problems contain several buffer overflows, a problem in connection
with symbolic links, unauthorized directory traversal when the path
contains "..". These problems could lead into a possible hacker being able
to execute arbitrary code on the server machine. The server runs with
nobody rights by default, so this would be the account to be
exploited.
They have been corrected by backporting changes from a newer upstream
version by the Debian maintainer for xtell. These problems are fixed
in version 1.91.1 in the stable distribution of Debian and in version
2.7 for the testing and unstable distribution of Debian.
We recommend that you upgrade your xtell packages immediately.
Solution : http://www.debian.org/security/2002/dsa-121
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|