Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA462] DSA-462-1 xitalk


Vulnerability Assessment Details

[DSA462] DSA-462-1 xitalk

Vulnerability Assessment Summary
DSA-462-1 xitalk

Detailed Explanation for this Vulnerability Assessment

Steve Kemp from the Debian Security Audit Project discovered a problem in
xitalk, a talk intercept utility for the X Window System. A local
user can exploit this problem and execute arbitrary commands under the
GID utmp. This could be used by a possible hacker to remove traces from the
utmp file.
For the stable distribution (woody) this problem has been fixed in
version 1.1.11-9.1woody1.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your xitalk package.


Solution : http://www.debian.org/security/2004/dsa-462
Network Security Threat Level: High

Networks Security ID: 9851

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors

IBM 66G9984 84G4359 66G9987 OEM 20-10V 2-2.2A DC Car Laptop Power Adapter
$20.0
IBM 66G9984 84G4359 66G9987 OEM 20-10V 2-2.2A DC Car Laptop Power Adapter pictureIBM OEM IDE 8450MB HDD DHEA-38451 00K0395
$49.95
IBM OEM IDE 8450MB HDD DHEA-38451 00K0395 pictureGenuine OEM IBM Laptop Keyboard 08K5015 08K5044 RM87-US O5 R50 R50e R51 KYT4 15"
$12.95
Genuine OEM IBM Laptop Keyboard 08K5015 08K5044 RM87-US O5 R50 R50e R51 KYT4 15Genuine OEM IBM 95Y8334 SurePOS 700 4800-743/783 PCI Express Riser Card
$11.99
Genuine OEM IBM 95Y8334 SurePOS 700 4800-743/783 PCI Express Riser Card picture


Discussions

No Discussions have been posted on this vulnerability.