Summary
Ovidiu Mara reported in 2010 a vulnerability in the ping util, commonly used by system and network administrators. By carefully crafting ICMP responses, an attacker could make the ping command hangs.
Solution
For the stable distribution (squeeze), this problem has been fixed in version 2:1.6-3.1+squeeze2.
For the testing distribution (wheezy), this problem has been fixed in version 2:1.9-2.
For the unstable distribution (sid), this problem has been fixed in version 2:1.9-2.
We recommend that you upgrade your inetutils packages.
Insight
The inetuitls are a collection of basic internet services, among them ftp, inetd, ping, syslog, talk, telnet, and system configuration tools.
Affected
inetutils on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-2529 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities