|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200411-37] Open DC Hub: Remote code execution Vulnerability Scan
Vulnerability Scan Summary Open DC Hub: Remote code execution
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200411-37
(Open DC Hub: Remote code execution)
Donato Ferrante discovered a buffer overflow vulnerability in the
RedirectAll command of the Open DC Hub.
Impact
Upon exploitation, a remote user with administrative rights
can execute arbitrary code on the system running the Open DC Hub.
Workaround
Only give administrative rights to trusted users.
References:
http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1115.html
Solution:
All Open DC Hub users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-p2p/opendchub-0.7.14-r2"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|