CERTA-2006-AVI-089
Vulnerability from certfr_avis
None
Resumé
Une vulnérabilité présente dans Novell Casa (Common Authentication Service Adapter) peut être exploitée par un utilisateur mal intentioné pour réaliser un déni de service ou éxecuter du code arbitraire sur le système vulnérable.
Description
L'application Novell CASA (Common Authentication Service Adapter) est l'application Novell utilisée pour l'authentification communes des clients Linux, windows.
Une vulnérabilité présente sur le module pam_micasa peut être exploitée par un utilisateur mal intentionné pour causer un débordement de mémoire et réaliser un déni de service ou exécuter du code arbitraire à distance.
Solution
Appliquer le correctif disponible sur le site de l'éditeur (cf. section documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Novell Linux Desktop 9 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Novell",
"scada": false
}
}
},
{
"description": "Novell CASA 1.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Novell",
"scada": false
}
}
},
{
"description": "Novell Open Enterprise Server.",
"product": {
"name": "N/A",
"vendor": {
"name": "Novell",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Resum\u00e9\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente dans Novell Casa (Common Authentication\nService Adapter) peut \u00eatre exploit\u00e9e par un utilisateur mal intention\u00e9\npour r\u00e9aliser un d\u00e9ni de service ou \u00e9xecuter du code arbitraire sur le\nsyst\u00e8me vuln\u00e9rable.\n\n## Description\n\nL\u0027application Novell CASA (Common Authentication Service Adapter) est\nl\u0027application Novell utilis\u00e9e pour l\u0027authentification communes des\nclients Linux, windows.\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente sur le module pam_micasa peut \u00eatre exploit\u00e9e\npar un utilisateur mal intentionn\u00e9 pour causer un d\u00e9bordement de m\u00e9moire\net r\u00e9aliser un d\u00e9ni de service ou ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n\n## Solution\n\nAppliquer le correctif disponible sur le site de l\u0027\u00e9diteur (cf. section\ndocumentation).\n",
"cves": [],
"initial_release_date": "2006-02-23T00:00:00",
"last_revision_date": "2006-02-23T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Novell du 22 f\u00e9vrier 2006 :",
"url": "http://www.novell.com/linux/security/advisories/2006_10_casa.html"
},
{
"title": "Site internet de Novell :",
"url": "http://www.novell.com"
}
],
"reference": "CERTA-2006-AVI-089",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-02-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": null,
"title": "Vuln\u00e9rabilit\u00e9 dans Novell CASA",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…