Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA076] DSA-076-1 most


Vulnerability Assessment Details

[DSA076] DSA-076-1 most

Vulnerability Assessment Summary
DSA-076-1 most

Detailed Explanation for this Vulnerability Assessment

Pavel Machek has found a buffer overflow in the `most' pager program.
The problem is part of most's tab expansion where the program would
write beyond the bounds two array variables when viewing a malicious
file. This could lead into other data structures being overwritten
which in turn could enable most to execute arbitrary code being able
to compromise the users environment.

This has been fixed in the upstream version 4.9.2 and an updated
version of 4.9.0 for Debian GNU/Linux 2.2.

We recommend that you upgrade your most package immediately.



Solution : http://www.debian.org/security/2001/dsa-076
Network Security Threat Level: High

Networks Security ID: 3347

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors

HP Z820 W7 PRO TWO E5-2670 2.6GHZ 96GB 4 X 1TB SATA QUADRO K2000 2GB
$4989.0
HP Z820 W7 PRO TWO E5-2670 2.6GHZ 96GB 4 X 1TB SATA QUADRO K2000 2GB pictureDELL POWEREDGE C6145 SERVER FOUR AMD 6124 HE 1.80GHZ 256GB 18 X 1TB SAS
$8919.0
DELL POWEREDGE C6145 SERVER FOUR AMD 6124 HE 1.80GHZ 256GB 18 X 1TB SAS pictureHP Z820 W7 PRO TWO E5-2680 2.70GHZ 64GB 2 X 1TB SATA NO VID
$4159.0
HP Z820 W7 PRO TWO E5-2680 2.70GHZ 64GB 2 X 1TB SATA NO VID pictureHGST 2.5" 7MM SATA 1TB 5400RPM 32MB 6Gb/s Laptop HDD HTS541010A7E630 P/N:0J42231
$49.0
HGST 2.5


Discussions

No Discussions have been posted on this vulnerability.