Debian Security Advisory DSA 418-1 (vbox3)

Published: 2008-01-17 21:41:51
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Recommendations:
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20418-1

Technical Details:
A bug was discovered in vbox3, a voice response system for isdn4linux, whereby root privileges were not properly relinquished before executing a user-supplied tcl script. By exploiting this vulnerability, a local user could gain root privileges. For the current stable distribution (woody) this problem has been fixed in version 0.1.7.1. For the unstable distribution, this problem has been fixed in version 0.1.8. We recommend that you update your vbox3 Linux Distribution Package.

Summary:
The remote host is missing an update to vbox3 announced via advisory DSA 418-1.

Detection Type:
Linux Distribution Package

Solution Type:
Vendor Patch

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2004-0015

SecurityFocus Bugtraq ID:

https://www.securityfocus.com/bid/9381

Search
Severity
High
CVSS Score
7.2

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.