Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2003:107: glibc

Vulnerability Assessment Details

MDKSA-2003:107: glibc
Vulnerability Assessment Summary
Check for the version of the glibc package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory MDKSA-2003:107 (glibc).


A bug was discovered in the getgrouplist function in glibc that can cause a
buffer overflow if the size of the group list is too small to hold all the
user's groups. This overflow can cause segementation faults in various user
applications, some of which may lead to additional security problems. The
problem can only be triggered if the user is in a larger number of groups than
expected by an application.
The provided packages are patched to address this issue.


Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:107
Network Security Threat Level: High

Networks Security ID: 8477

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security
Cables, Connectors


Supermicro 1U X11DPU 2x Xeon Gold 6132 2.6GHz / 128gb / 10x 2.5 Trays / 2x 750w picture

Supermicro 1U X11DPU 2x Xeon Gold 6132 2.6GHz / 128gb / 10x 2.5 Trays / 2x 750w

$649.99


1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 480GB SSD 2x 10GBE picture

1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 480GB SSD 2x 10GBE

$273.00


Supermicro SYS-5019P-M Server Xeon Scalable 6138 20 Cores 40 Threads 48gb DDR4 picture

Supermicro SYS-5019P-M Server Xeon Scalable 6138 20 Cores 40 Threads 48gb DDR4

$330.00


1U 20

1U 20" Short Depth Server Firewall PFSense X11SSH-F Xeon 3.5Ghz 32GB RAM NVME

$247.00


HP ProLiant Xeon E3-1220L V2 MicroServer Gen8 2.30 GHz 16 GB RAM NO DRIVES picture

HP ProLiant Xeon E3-1220L V2 MicroServer Gen8 2.30 GHz 16 GB RAM NO DRIVES

$199.00


Genuine HP ProLiant MicroServer Gen8 Intel Pentium G2020T 2.5GHz 712318-001 picture

Genuine HP ProLiant MicroServer Gen8 Intel Pentium G2020T 2.5GHz 712318-001

$199.95


HP ProLiant Xeon E3-1220L V2 MicroServer Gen8 2.30 GHz 16 GB RAM NO DRIVESorCads picture

HP ProLiant Xeon E3-1220L V2 MicroServer Gen8 2.30 GHz 16 GB RAM NO DRIVESorCads

$200.00


CEOhack 1U X9DRW-3TF+ 4 Bay Server 64GB DDR3 1x E5-2667 V2 3.30GHz 8C 1x 1TB HDD picture

CEOhack 1U X9DRW-3TF+ 4 Bay Server 64GB DDR3 1x E5-2667 V2 3.30GHz 8C 1x 1TB HDD

$119.00


1U Supermicro Server X10DRU-i+ 2x Xeon Total 36 Cores 64GB 4x 10GBE-T 2PS picture

1U Supermicro Server X10DRU-i+ 2x Xeon Total 36 Cores 64GB 4x 10GBE-T 2PS

$314.00


1U BareMetal pfsense opnsense Router Firewall DNS Server 6x 10GB Ethernet Ports picture

1U BareMetal pfsense opnsense Router Firewall DNS Server 6x 10GB Ethernet Ports

$149.00


Discussions

No Discussions have been posted on this vulnerability.