Lucene search
Debian Security Advisory DSA 076-1 (most)
🗓️ 17 Jan 2008 00:00:00Reported by Copyright (C) 2008 E-Soft Inc.Type 
openvas🔗 plugins.openvas.org👁 5 Views
Debian Security Advisory DSA 076-1 (most) - Buffer overflow in 'most' pager progra
Show more
| Reporter | Title | Published | Views | Family All 5 |
|---|---|---|---|---|
 | CVE-2001-0961 | 25 Jun 200204:00 | – | cvelist |
 | CVE-2001-0961 | 18 Sep 200104:00 | – | nvd |
| Debian Security Advisory DSA 076-1 (most) | 17 Jan 200800:00 | – | openvas |
 | Debian DSA-076-1 : most - buffer overflow | 29 Sep 200400:00 | – | nessus |
 | CVE-2001-0961 | 25 Jun 200204:00 | – | cve |
| Source | Link |
|---|---|
| secure1 | www.secure1.securityspace.com/smysecure/catid.html |
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53569");
script_cve_id("CVE-2001-0961");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2008-01-17 14:24:38 +0100 (Thu, 17 Jan 2008)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Debian Security Advisory DSA 076-1 (most)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB2\.2");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20076-1");
script_tag(name:"insight", value:"Pavel Machek has found a buffer overflow in the `most' pager program.
The problem is part of most's tab expansion where the program would
write beyond the bounds two array variables when viewing a malicious
file. This could lead into other data structures being overwritten
which in turn could enable most to execute arbitrary code being able
to compromise the users environment.
This has been fixed in the upstream version 4.9.2 and an updated
version of 4.9.0 for Debian GNU/Linux 2.2.");
script_tag(name:"solution", value:"We recommend that you upgrade your most package immediately.");
script_tag(name:"summary", value:"The remote host is missing an update to most
announced via advisory DSA 076-1.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"most", ver:"4.9.0-2.1", rls:"DEB2.2")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo17 Jan 2008 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS210
EPSS0.06452