Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Fedora Local Security Checks >> Fedora Core 2 2005-280: sharutils


Vulnerability Assessment Details

Fedora Core 2 2005-280: sharutils

Vulnerability Assessment Summary
Check for the version of the sharutils package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory FEDORA-2005-280 (sharutils).

The sharutils package contains the GNU shar utilities, a set of tools
for encoding and decoding packages of files (in binary or text format)
in a special plain text format called shell archives (shar). This
format can be sent through e-mail (which can be problematic for
regular
binary files). The shar utility supports a wide range of capabilities
(compressing, uuencoding, splitting long files for multi-part
mailings, providing checksums), which make it very flexible at
creating shar files. After the files have been sent, the unshar tool
scans mail messages looking for shar files. Unshar automatically
strips off mail headers and introductory text and then unpacks the
shar files.

Install sharutils if you send binary files through e-mail.


* Thu Mar 31 2005 Than Ngo
4.2.1-18.1.FC2

- apply patch to fix multiple buffer overflows #152571
- apply patch to fix buffer overflow in handling of -o option,
CVE-2004-1772, #123230



Solution : http://www.fedoranews.org/blog/index.php?p=560
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security

Cables, Connectors

Lenovo ThinkServer TS140 Tower Server System Intel Core i3-4150 3.5GHz 8GB RAM
$45.59
Lenovo ThinkServer TS140 Tower Server System Intel Core i3-4150 3.5GHz 8GB RAM  pictureDell PowerEdge R720xd Dual E5-2660 8C 2.2GHz 256GB 24x 900GB SAS 24 Bay 2.5in
$7298.0
Dell PowerEdge R720xd Dual E5-2660 8C 2.2GHz 256GB 24x 900GB SAS 24 Bay 2.5in pictureDell PowerEdge R720xd Server Dual E5-2680 v2 10 Core 2.8GHz 256GB 24 Bay 2.5in
$3969.0
Dell PowerEdge R720xd Server Dual E5-2680 v2 10 Core 2.8GHz 256GB 24 Bay 2.5in pictureASRock IMB-181-D LGA 1150 Intel Q87 Haswell Mini ITX PC Server Motherboard
$0.99
ASRock IMB-181-D LGA 1150 Intel Q87 Haswell Mini ITX PC Server Motherboard picture


Discussions

No Discussions have been posted on this vulnerability.