|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2003:108: stunnel Vulnerability Assessment Details
|
MDKSA-2003:108: stunnel |
||
|
Check for the version of the stunnel package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory MDKSA-2003:108 (stunnel). A vulnerability was discovered in stunnel versions 3.24 and earlier, as well as 4.00, by Steve Grubb. It was found that stunnel leaks a critical file descriptor that can be used to hijack stunnel's services. All users are encouraged to upgrade to these packages. Note that the version of stunnel provided with Mandrake Linux 9.1 and above is not vulnerable to this problem. Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:108 Network Security Threat Level: High Networks Security ID: 8537 Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security |
||
|
Network Interface Cards, NICs |
|
||
|
No Discussions have been posted on this vulnerability. |