Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA385] DSA-385-1 hztty


Vulnerability Assessment Details

[DSA385] DSA-385-1 hztty

Vulnerability Assessment Summary
DSA-385-1 hztty

Detailed Explanation for this Vulnerability Assessment

Jens Steube reported a pair of buffer overflow vulnerabilities in
hztty, a program to translate Chinese character encodings in a
terminal session. These vulnerabilities could be exploited by a local
attacker to gain root rights on a system where hztty is installed.
Additionally, hztty had been incorrectly installed setuid root, when
it only requires the rights of group utmp. This has also been
corrected in this update.
For the stable distribution (woody) this problem has been fixed in
version 2.0-5.2woody1.
For the unstable distribution (sid) this problem will be fixed in
version 2.0-6.
We recommend that you update your hztty package.


Solution : http://www.debian.org/security/2003/dsa-385
Network Security Threat Level: High

Networks Security ID: 8656

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors

HP ProLiant DL380 G6 Server 2x E5520 2.27GHz 8 Cores 106GB RAM 4x 146GB P410i
$250.0
HP ProLiant DL380 G6 Server 2x E5520 2.27GHz 8 Cores 106GB RAM 4x 146GB P410i pictureDELL POWEREDGE M620 REF E5-2660V2 2.20GHZ 64GB NO HDD H710P
$1919.0
DELL POWEREDGE M620 REF E5-2660V2 2.20GHZ 64GB NO HDD H710P pictureHP BL460c Gen9 E5-2620v3 2.4 6C 1P 16G H244br Server 727027-B21 Renew 3yr wty
$1950.0
HP BL460c Gen9 E5-2620v3 2.4 6C 1P 16G H244br Server 727027-B21 Renew 3yr wty pictureHP BL460c Gen9 E5-2650v3 2.3 10C 1P 32G P244br Server 727029-B21 Renew 3yr wty
$2795.0
HP BL460c Gen9 E5-2650v3 2.3 10C 1P 32G P244br Server 727029-B21 Renew 3yr wty picture


Discussions

No Discussions have been posted on this vulnerability.