Mandrake Linux Security Advisory : glibc (MDKSA-2002:050)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

A buffer overflow vulnerability was found in the way that the glibc
resolver handles the resolution of network names and addresses via DNS
in glibc versions 2.2.5 and earlier. Only systems using the 'dns'
entry in the 'networks' database in /etc/nsswitch.conf are vulnerable
to this issue. By default, Mandrake Linux has this database set to
'files' and is not vulnerable. Likewise, a similar bug is in the
glibc-compat packages which provide compatability for programs
compiled against 2.0.x versions of glibc.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 13953 (mandrake_MDKSA-2002-050.nasl)

Bugtraq ID:

CVE ID: CVE-2002-0651
CVE-2002-0684

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now