ID de Prueba:	1.3.6.1.4.1.25623.1.0.703192
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 3192-1 (checkpw - security update)
Resumen:	Hiroya Ito of GMO Pepabo, Inc. reported;that checkpw, a password authentication program, has a flaw in processing account;names which contain double dashes. A remote attacker can use this flaw to cause a;denial of service (infinite loop).
Descripción:	Summary: Hiroya Ito of GMO Pepabo, Inc. reported that checkpw, a password authentication program, has a flaw in processing account names which contain double dashes. A remote attacker can use this flaw to cause a denial of service (infinite loop). Affected Software/OS: checkpw on Debian Linux Solution: For the stable distribution (wheezy), this problem has been fixed in version 1.02-1+deb7u1. For the upcoming stable distribution (jessie), this problem has been fixed in version 1.02-1.1. For the unstable distribution (sid), this problem has been fixed in version 1.02-1.1. We recommend that you upgrade your checkpw packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0885 Debian Security Information: DSA-3192 (Google Search) http://www.debian.org/security/2015/dsa-3192 http://jvn.jp/en/jp/JVN34790526/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000032
Copyright	Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.