Lucene search
Debian Security Advisory DSA 113-1 (ncurses)
🗓️ 17 Jan 2008 00:00:00Reported by Copyright (C) 2008 E-Soft Inc.Type 
openvas🔗 plugins.openvas.org👁 15 Views
Debian Security Advisory DSA 113-1 (ncurses) addresses a missed buffer overflow fix in the 'ncurses' library, potentially leading to crashes in large windows when using ncurses applications
Show more
| Reporter | Title | Published | Views | Family All 7 |
|---|---|---|---|---|
 | CVE-2002-0062 | 2 Apr 200305:00 | – | cve |
 | [RHSA-2002:020-05] Updated ncurses4 compat packages are available | 24 Feb 200200:00 | – | securityvulns |
 | CVE-2002-0062 | 2 Apr 200305:00 | – | cvelist |
 | Debian DSA-113-1 : ncurses - buffer overflow | 29 Sep 200400:00 | – | nessus |
 | CVE-2002-0062 | 8 Mar 200205:00 | – | nvd |
| Debian Security Advisory DSA 113-1 (ncurses) | 17 Jan 200800:00 | – | openvas |
 | [SECURITY] [DSA-113-1] New ncurses packages available | 18 Feb 200200:00 | – | debian |
| Source | Link |
|---|---|
| secure1 | www.secure1.securityspace.com/smysecure/catid.html |
| securityfocus | www.securityfocus.com/bid/2116 |
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53842");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2008-01-17 22:24:46 +0100 (Thu, 17 Jan 2008)");
script_cve_id("CVE-2002-0062");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_name("Debian Security Advisory DSA 113-1 (ncurses)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB2\.2");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20113-1");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/2116");
script_tag(name:"insight", value:"Several buffer overflows were fixed in the 'ncurses' library in November
2000. Unfortunately, one was missed. This can lead to crashes when using
ncurses applications in large windows.
The Common Vulnerabilities and Exposures project has
assigned the name CVE-2002-0062 to this issue.
This problem has been fixed for the stable release of Debian in version
5.0-6.0potato2. The testing and unstable releases contain ncurses 5.2,
which is not affected by this problem.
There are no known exploits for this problem, but we recommend that all
users upgrade ncurses immediately.");
script_tag(name:"summary", value:"The remote host is missing an update to ncurses
announced via advisory DSA 113-1.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"ncurses-base", ver:"5.0-6.0potato2", rls:"DEB2.2")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"ncurses-term", ver:"5.0-6.0potato2", rls:"DEB2.2")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libncurses5-dbg", ver:"5.0-6.0potato2", rls:"DEB2.2")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libncurses5-dev", ver:"5.0-6.0potato2", rls:"DEB2.2")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libncurses5", ver:"5.0-6.0potato2", rls:"DEB2.2")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"ncurses-bin", ver:"5.0-6.0potato2", rls:"DEB2.2")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo17 Jan 2008 00:00Current
7.1High risk
Vulners AI Score7.1
CVSS27.2
EPSS0.00194