|
Family: Debian Local Security Checks --> Category: infos
[DSA329] DSA-329-1 osh Vulnerability Scan
Vulnerability Scan Summary DSA-329-1 osh
Detailed Explanation for this Vulnerability Test
Steve Kemp discovered that osh, a shell intended to restrict the
actions of the user, contains two buffer overflows, in processing
environment variables and file redirections. These vulnerabilities
could be used to execute arbitrary code, overriding any restrictions
placed on the shell.
For the stable distribution (woody) this problem has been fixed in
version 1.7-11woody1.
The old stable distribution (potato) is affected by this problem, and
may be fixed in a future advisory on a time-available basis.
For the unstable distribution (sid) this problem is fixed in version
1.7-12.
We recommend that you update your osh package.
Solution : http://www.debian.org/security/2003/dsa-329
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|