Lucene search
Debian Security Advisory DSA 116-1 (cfs)
🗓️ 17 Jan 2008 00:00:00Reported by Copyright (C) 2008 E-Soft Inc.Type 
openvas🔗 plugins.openvas.org👁 8 Views
Debian Security Advisory DSA 116-1 (cfs) includes updates to fix buffer overflows in cfsd, a Unix(tm) file system encryption service daemon. Upgrade the cfs package immediately
Show more
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | CVE-2002-0351 | 25 Jun 200204:00 | – | cve |
| Debian Security Advisory DSA 116-1 (cfs) | 17 Jan 200800:00 | – | openvas |
| FreeBSD Ports: cfs | 21 Sep 201100:00 | – | openvas |
| FreeBSD Ports: cfs | 21 Sep 201100:00 | – | openvas |
 | CVE-2002-0351 | 3 May 200204:00 | – | cvelist |
 | FreeBSD : security/cfs -- buffer overflow (e55f948f-d729-11e0-abd1-0017f22d6707) | 6 Sep 201100:00 | – | nessus |
| Debian DSA-116-1 : cfs - buffer overflow | 29 Sep 200400:00 | – | nessus |
 | CVE-2002-0351 | 25 Jun 200204:00 | – | nvd |
 | security/cfs -- buffer overflow | 2 Mar 200200:00 | – | freebsd |
| Source | Link |
|---|---|
| secure1 | www.secure1.securityspace.com/smysecure/catid.html |
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53394");
script_cve_id("CVE-2002-0351");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2008-01-17 22:24:46 +0100 (Thu, 17 Jan 2008)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Debian Security Advisory DSA 116-1 (cfs)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB2\.2");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20116-1");
script_tag(name:"insight", value:"Zorgon found several buffer overflows in cfsd, a daemon that pushes
encryption services into the Unix(tm) file system. We are not yet
sure if these overflows can successfully be exploited to gain root
access to the machine running the CFS daemon. However, since cfsd can
easily be forced to die, a malicious user can easily perform a denial
of service attack to it.
This problem has been fixed in version 1.3.3-8.1 for the stable Debian
distribution and in version 1.4.1-5 for the testing and undtable
distribution of Debian.");
script_tag(name:"solution", value:"We recommend that you upgrade your cfs package immediately.");
script_tag(name:"summary", value:"The remote host is missing an update to cfs
announced via advisory DSA 116-1.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"cfs", ver:"1.3.3-8.1", rls:"DEB2.2")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo17 Jan 2008 00:00Current
6.7Medium risk
Vulners AI Score6.7
CVSS27.5
EPSS0.01896