Mandrake Linux Security Advisory : Eterm (MDKSA-2003:040)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

Digital Defense Inc. released a paper detailing insecurities in
various terminal emulators, including Eterm. Many of the features
supported by these programs can be abused when untrusted data is
displayed on the screen. This abuse can be anything from garbage data
being displayed to the screen or a system compromise.

These issues are corrected in Eterm 0.9.2, which is already included
in Mandrake Linux 9.1.

See also :

http://marc.info/?l=bugtraq&m=104612710031920&w=2

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 14024 (mandrake_MDKSA-2003-040.nasl)

Bugtraq ID:

CVE ID: CVE-2003-0021
CVE-2003-0068

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now