CERTA-2006-AVI-089
Vulnerability from certfr_avis - Published: 2006-02-23 - Updated: 2006-02-23None
Resumé
Une vulnérabilité présente dans Novell Casa (Common Authentication Service Adapter) peut être exploitée par un utilisateur mal intentioné pour réaliser un déni de service ou éxecuter du code arbitraire sur le système vulnérable.
Description
L'application Novell CASA (Common Authentication Service Adapter) est l'application Novell utilisée pour l'authentification communes des clients Linux, windows.
Une vulnérabilité présente sur le module pam_micasa peut être exploitée par un utilisateur mal intentionné pour causer un débordement de mémoire et réaliser un déni de service ou exécuter du code arbitraire à distance.
Solution
Appliquer le correctif disponible sur le site de l'éditeur (cf. section documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Novell Linux Desktop 9 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Novell",
"scada": false
}
}
},
{
"description": "Novell CASA 1.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Novell",
"scada": false
}
}
},
{
"description": "Novell Open Enterprise Server.",
"product": {
"name": "N/A",
"vendor": {
"name": "Novell",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Resum\u00e9\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente dans Novell Casa (Common Authentication\nService Adapter) peut \u00eatre exploit\u00e9e par un utilisateur mal intention\u00e9\npour r\u00e9aliser un d\u00e9ni de service ou \u00e9xecuter du code arbitraire sur le\nsyst\u00e8me vuln\u00e9rable.\n\n## Description\n\nL\u0027application Novell CASA (Common Authentication Service Adapter) est\nl\u0027application Novell utilis\u00e9e pour l\u0027authentification communes des\nclients Linux, windows.\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente sur le module pam_micasa peut \u00eatre exploit\u00e9e\npar un utilisateur mal intentionn\u00e9 pour causer un d\u00e9bordement de m\u00e9moire\net r\u00e9aliser un d\u00e9ni de service ou ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n\n## Solution\n\nAppliquer le correctif disponible sur le site de l\u0027\u00e9diteur (cf. section\ndocumentation).\n",
"cves": [],
"initial_release_date": "2006-02-23T00:00:00",
"last_revision_date": "2006-02-23T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Novell du 22 f\u00e9vrier 2006 :",
"url": "http://www.novell.com/linux/security/advisories/2006_10_casa.html"
},
{
"title": "Site internet de Novell :",
"url": "http://www.novell.com"
}
],
"reference": "CERTA-2006-AVI-089",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-02-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": null,
"title": "Vuln\u00e9rabilit\u00e9 dans Novell CASA",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…