Fedora Core 1 : glibc-2.3.2-101.1 (2003-002)

This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora Core host is missing a security update.

Description :

Herbert Xu reported that various applications can accept spoofed
messages sent on the kernel netlink interface by other users on the
local machine. This could lead to a local denial of service attack.
The glibc function getifaddrs uses netlink and could therefore be
vulnerable to this issue. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2003-0859 to this
issue.

In addition to this this update fixes a couple of bugs.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?1510b84b

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.9
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C)

Family: Fedora Local Security Checks

Nessus Plugin ID: 13661 (fedora_2003-002.nasl)

Bugtraq ID:

CVE ID: CVE-2003-0859

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now