|
|
Family: Ubuntu Local Security Checks --> Category: infos
USN279-1 : libnasl vulnerability Vulnerability Scan
Vulnerability Scan Summary
libnasl vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- libnasl-dev
- libnasl2
Description :
Jayesh KS discovered that the nasl_split() function in the NASL
(Nessus Attack Scripting Language) library did not check for a
zero-length separator argument, which lead to an invalid memory
allocation. This library is primarily used in the Nessus security
scanner
a remote attacker could exploit this vulnerability to cause
the Nessus daemon to crash.
Solution :
Upgrade to :
- libnasl-dev-2.2.4-1ubuntu0.1 (Ubuntu 5.10)
- libnasl2-2.2.4-1ubuntu0.1 (Ubuntu 5.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
