Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA350] DSA-350-1 falconseye


Vulnerability Assessment Details

[DSA350] DSA-350-1 falconseye

Vulnerability Assessment Summary
DSA-350-1 falconseye

Detailed Explanation for this Vulnerability Assessment

The falconseye package is vulnerable to a buffer overflow exploited
via a long -s command line option. This vulnerability could be used
by a possible hacker to gain gid 'games' on a system where falconseye is
installed.
Note that falconseye does not contain the file permission error
CVE-2003-0359 which affected some other nethack packages.
For the stable distribution (woody) this problem has been fixed in
version 1.9.3-7woody3.
For the unstable distribution (sid) this problem has been fixed in
version 1.9.3-9.
We recommend that you update your falconseye package.


Solution : http://www.debian.org/security/2003/dsa-350
Network Security Threat Level: High

Networks Security ID: 6806

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors

Snom 870 VOIP desk phone white reset to default configuration
$80.0
 Snom 870 VOIP desk phone white reset to default configuration pictureNEC DSX 34B VOIP IP Display Tel (BK) System Telephone Black 1090034
$319.99
NEC DSX 34B VOIP IP Display Tel (BK) System Telephone Black 1090034 pictureSnom 300 VoIP Business Phones w/ power adapter
$160.0
Snom 300 VoIP Business Phones w/ power adapter pictureJabra Speak 410 MS USB Hands Free Speakerphone for MicroSoft Internet VoIP calls
$65.0
Jabra Speak 410 MS USB Hands Free Speakerphone for MicroSoft Internet VoIP calls picture


Discussions

No Discussions have been posted on this vulnerability.