Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian Security Advisory DSA 385-1 (hztty)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to hztty announced via advisory DSA 385-1.
Insight
Insight
Jens Steube reported a pair of buffer overflow vulnerabilities in hztty, a program to translate Chinese character encodings in a terminal session. These vulnerabilities could be exploited by a local attacker to gain root privileges on a system where hztty is installed. Additionally, hztty had been incorrectly installed setuid root, when it only requires the privileges of group utmp. This has also been corrected in this update. For the stable distribution (woody) this problem has been fixed in version 2.0-5.2woody1. For the unstable distribution (sid) this problem will befixed in version 2.0-6. We recommend that you update your hztty package.
Solution
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20385-1