|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2003:099: sane Vulnerability Assessment Details
|
MDKSA-2003:099: sane |
||
|
Check for the version of the sane package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory MDKSA-2003:099 (sane). Several vulnerabilities were discovered in the saned daemon, a part of the sane package, which permits for a scanner to be used remotely. The IP address of the remote host is only checked after the first communication occurs, which causes the saned.conf restrictions to be ignored for the first connection. As well, a connection that is dropped early can cause Denial of Service issues due to a number of differing factors. Finally, a lack of error checking can cause various other unfavourable actions. The provided packages have been patched to correct the issues. sane, as distributed in Mandrake Linux 9.1 and higher, have versions where the fixes were applied upstream. Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:099 Network Security Threat Level: High Networks Security ID: 8594, 8595, 8596, 8597, 8600 Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security |
||
|
Software, Operating Systems |
|
||
|
No Discussions have been posted on this vulnerability. |