Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA279] DSA-279-1 metrics

Vulnerability Assessment Details

[DSA279] DSA-279-1 metrics
Vulnerability Assessment Summary
DSA-279-1 metrics

Detailed Explanation for this Vulnerability Assessment

Paul Szabo and Matt Zimmerman discovered two similar problems in
metrics, a tools for software metrics. Two scripts in this package,
"halstead" and "gather_stats", open temporary files without taking
appropriate security precautions. "halstead" is installed as a user
program, while "gather_stats" is only used in an auxiliary script
included in the source code. These vulnerabilities could permit a
local attacker to overwrite files owned by the user running the
scripts, including root.
The stable distribution (woody) is not affected since it doesn't
contain a metrics package anymore.
For the old stable distribution (potato) this problem has been fixed
in version 1.0-1.1.
The unstable distribution (sid) is not affected since it doesn't
contain a metrics package anymore.
We recommend that you upgrade your metrics package.


Solution : http://www.debian.org/security/2003/dsa-279
Network Security Threat Level: High

Networks Security ID: 7293

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi
Cables, Connectors


Dell Poweredge R640 Server | 2x Silver 4114 20 Cores | 96GB | 8x 1.8TB Dell SAS picture

Dell Poweredge R640 Server | 2x Silver 4114 20 Cores | 96GB | 8x 1.8TB Dell SAS

$2749.99


Dell Poweredge R640 Server | 2x Silver 4114 20 Cores | 192GB | 8x HDD Trays picture

Dell Poweredge R640 Server | 2x Silver 4114 20 Cores | 192GB | 8x HDD Trays

$1939.99


Dell Poweredge R640 Server | 2x Silver 4114 20 Cores | 64GB | 8x HDD Trays picture

Dell Poweredge R640 Server | 2x Silver 4114 20 Cores | 64GB | 8x HDD Trays

$1614.99


Dell PowerEdge R7525 Server 24X2.5(8XNVME)+H745 2xEPYC 7302 CPU 128G RAM 2x2400W picture

Dell PowerEdge R7525 Server 24X2.5(8XNVME)+H745 2xEPYC 7302 CPU 128G RAM 2x2400W

$3350.00


DELL PowerEdge R730 Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45 picture

DELL PowerEdge R730 Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45

$274.00


Dell PowerEdge R730XD 28 Core Server 2X Xeon E5-2680 V4 H730 128GB RAM No HDD picture

Dell PowerEdge R730XD 28 Core Server 2X Xeon E5-2680 V4 H730 128GB RAM No HDD

$389.99


Dell PowerEdge R620 Server 2x E5-2660 v1 2.2GHz 16 Cores 256GB RAM 2x 300GB HDD picture

Dell PowerEdge R620 Server 2x E5-2660 v1 2.2GHz 16 Cores 256GB RAM 2x 300GB HDD

$79.19


Dell PowerEdge R720XD Xeon E5-2680 V2 2.8GHz 20 Cores 256GB RAM 12x4TB picture

Dell PowerEdge R720XD Xeon E5-2680 V2 2.8GHz 20 Cores 256GB RAM 12x4TB

$510.00


Dell PowerEdge R620 Server 2x E5-2650 V2 = 16 Cores H710P 128GB RAM 2x 600GB SAS picture

Dell PowerEdge R620 Server 2x E5-2650 V2 = 16 Cores H710P 128GB RAM 2x 600GB SAS

$274.99


1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 480GB SSD 2x 10GBE picture

1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 480GB SSD 2x 10GBE

$297.00


Discussions

No Discussions have been posted on this vulnerability.