|
Family: Debian Local Security Checks --> Category: infos
[DSA314] DSA-314-1 atftp Vulnerability Scan
Vulnerability Scan Summary DSA-314-1 atftp
Detailed Explanation for this Vulnerability Test
Rick Patel discovered that atftpd is vulnerable to a buffer overflow
when a long filename is sent to the server. A possible hacker could exploit
this bug remotely to execute arbitrary code on the server.
For the stable distribution (woody), this problem has been fixed in
version 0.6.1.1.0woody1.
The old stable distribution (potato) does not contain an atftp
package.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you update your atftp package.
Solution : http://www.debian.org/security/2003/dsa-314
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|