|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200504-10] Gld: Remote execution of arbitrary code Vulnerability Scan
Vulnerability Scan Summary Gld: Remote execution of arbitrary code
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200504-10
(Gld: Remote execution of arbitrary code)
dong-hun discovered several buffer overflows in server.c, as well
as several format string vulnerabilities in cnf.c.
Impact
A possible hacker could exploit this vulnerability to execute arbitrary
code with the permissions of the user running Gld, the default user
being root.
Workaround
There is no known workaround at this time.
References:
http://securitytracker.com/alerts/2005/Apr/1013678.html
Solution:
All Gld users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-filter/gld-1.5"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|