|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200411-24] BNC: Buffer overflow vulnerability Vulnerability Scan
Vulnerability Scan Summary BNC: Buffer overflow vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200411-24
(BNC: Buffer overflow vulnerability)
Leon Juranic discovered that BNC fails to do proper bounds
checking when checking server response.
Impact
A possible hacker could exploit this to cause a Denial of Service and
potentially execute arbitary code with the permissions of the user
running BNC.
Workaround
There is no known workaround at this time.
References:
http://gotbnc.com/changes.html
http://security.lss.hr/en/index.php?page=details&ID=LSS-2004-11-03
Solution:
All BNC users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-irc/bnc-2.9.1"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|