Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA076] DSA-076-1 most


Vulnerability Assessment Details

[DSA076] DSA-076-1 most

Vulnerability Assessment Summary
DSA-076-1 most

Detailed Explanation for this Vulnerability Assessment

Pavel Machek has found a buffer overflow in the `most' pager program.
The problem is part of most's tab expansion where the program would
write beyond the bounds two array variables when viewing a malicious
file. This could lead into other data structures being overwritten
which in turn could enable most to execute arbitrary code being able
to compromise the users environment.

This has been fixed in the upstream version 4.9.2 and an updated
version of 4.9.0 for Debian GNU/Linux 2.2.

We recommend that you upgrade your most package immediately.



Solution : http://www.debian.org/security/2001/dsa-076
Network Security Threat Level: High

Networks Security ID: 3347

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors

Apple Macintosh Mac mouse M0100 for 128K/512K/Plus WORKING
$65.0
Apple Macintosh Mac mouse M0100 for 128K/512K/Plus WORKING pictureMacintosh 128k or 512K Numeric Keypad M0120, with cable
$98.0
Macintosh 128k or 512K Numeric Keypad M0120, with cable pictureApple Macintosh Vintage Tote Carryon Bag For 128K or 512K or SE m0001
$4.25
Apple Macintosh Vintage Tote Carryon Bag For 128K or 512K or SE m0001 pictureApple Macintosh Vintage 1984 Keyboard with Picasso Box For 128K or 512K m0001
$26.0
Apple Macintosh Vintage 1984 Keyboard with Picasso Box For 128K or 512K m0001 picture


Discussions

No Discussions have been posted on this vulnerability.