FreeBSD Ports: Ko-helvis Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://people.freebsd.org/~niels/ports/korean/helvis/issues.txt http://www.vuxml.org/freebsd/bb99f803-5fde-11d9-b721-00065be4b5b6.html

Insight

The following packages are affected: ko-helvis helvis CVE-2005-0118 helvis 1.8h2_1 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users. CVE-2005-0119 helvis 1.8h2_1 and earlier allows local users to recover and read the files of other users via the elvrec setuid program.

Severity

Classification

CVE CVE-2005-0118, CVE-2005-0119

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

FreeBSD Ports: sudo
FreeBSD Ports: ldapscripts
FreeBSD Ports: shtool
FreeBSD Ports: drupal5
FreeBSD Ports: mysql-client

FreeBSD Ports: ko-helvis

Take action and discover your vulnerabilities