Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA076] DSA-076-1 most


Vulnerability Assessment Details

[DSA076] DSA-076-1 most

Vulnerability Assessment Summary
DSA-076-1 most

Detailed Explanation for this Vulnerability Assessment

Pavel Machek has found a buffer overflow in the `most' pager program.
The problem is part of most's tab expansion where the program would
write beyond the bounds two array variables when viewing a malicious
file. This could lead into other data structures being overwritten
which in turn could enable most to execute arbitrary code being able
to compromise the users environment.

This has been fixed in the upstream version 4.9.2 and an updated
version of 4.9.0 for Debian GNU/Linux 2.2.

We recommend that you upgrade your most package immediately.



Solution : http://www.debian.org/security/2001/dsa-076
Network Security Threat Level: High

Networks Security ID: 3347

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors

EX2200-24T-4G I Brand New Sealed Juniper EX 2200 Switch 24-Port 10/100/1000BASET
$354.35
EX2200-24T-4G I Brand New Sealed Juniper EX 2200 Switch 24-Port 10/100/1000BASET pictureJuniper NS-5XT-105-SWIFT BT Internet Router Firewall
$399.0
Juniper NS-5XT-105-SWIFT BT Internet Router Firewall pictureJuniper QFX3500-48S4Q-E QFX3500 48-Port Ethernet Switch { UNTESTED }
$639.99
Juniper QFX3500-48S4Q-E QFX3500 48-Port Ethernet Switch {  UNTESTED }  pictureJuniper Netscreen NS-5GT-201-AV Extended 25 Tunnels 4064 Sessions Trend Micro
$159.0
Juniper Netscreen NS-5GT-201-AV Extended 25 Tunnels 4064 Sessions Trend Micro picture


Discussions

No Discussions have been posted on this vulnerability.