Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA385] DSA-385-1 hztty

Vulnerability Assessment Details

[DSA385] DSA-385-1 hztty

Vulnerability Assessment Summary
DSA-385-1 hztty

Detailed Explanation for this Vulnerability Assessment

Jens Steube reported a pair of buffer overflow vulnerabilities in
hztty, a program to translate Chinese character encodings in a
terminal session. These vulnerabilities could be exploited by a local
attacker to gain root rights on a system where hztty is installed.
Additionally, hztty had been incorrectly installed setuid root, when
it only requires the rights of group utmp. This has also been
corrected in this update.
For the stable distribution (woody) this problem has been fixed in
version 2.0-5.2woody1.
For the unstable distribution (sid) this problem will be fixed in
version 2.0-6.
We recommend that you update your hztty package.

Solution :
Network Security Threat Level: High

Networks Security ID: 8656

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors

Samsung Galaxy Tab 4
Samsung Galaxy Tab 4 pictureSamsung Galaxy Tab 4 SM-T337A 16GB, Wi-Fi + 4G (AT&T), 8in - White
Samsung Galaxy Tab 4 SM-T337A 16GB, Wi-Fi + 4G (AT&T), 8in - White pictureSamsung NP3005V5A (Fully functional, Boots to Windows)
Samsung NP3005V5A (Fully functional, Boots to Windows) picturesamsung laptop with charger for parts
samsung laptop with charger for parts picture


No Discussions have been posted on this vulnerability.