Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA076] DSA-076-1 most

Vulnerability Assessment Details

[DSA076] DSA-076-1 most

Vulnerability Assessment Summary
DSA-076-1 most

Detailed Explanation for this Vulnerability Assessment

Pavel Machek has found a buffer overflow in the `most' pager program.
The problem is part of most's tab expansion where the program would
write beyond the bounds two array variables when viewing a malicious
file. This could lead into other data structures being overwritten
which in turn could enable most to execute arbitrary code being able
to compromise the users environment.

This has been fixed in the upstream version 4.9.2 and an updated
version of 4.9.0 for Debian GNU/Linux 2.2.

We recommend that you upgrade your most package immediately.

Solution : http://www.debian.org/security/2001/dsa-076
Network Security Threat Level: High

Networks Security ID: 3347

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors