Mandrake Linux Security Advisory : glibc (MDKSA-2003:037)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

An integer overflow was discovered by eEye Digital Security in the
xdrmem_getbytes() function of glibc 2.3.1 and earlier. This function
is part of the XDR encoder/decoder derived from Sun's RPC
implementation. Depending upon the application, this vulnerability can
cause buffer overflows and could possibly be exploited to execute
arbitrary code.

The provided packages contain patches that correct this issue and all
users should upgrade. Please note that users of Mandrake Linux 9.1
already have this fix in the 9.1-released glibc packages.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 14021 (mandrake_MDKSA-2003-037.nasl)

Bugtraq ID:

CVE ID: CVE-2003-0028

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now