SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Astaro Security Linux Vendors:   Astaro
Astaro Security Linux Discloses System Information to Remote Users
SecurityTracker Alert ID:  1012065
SecurityTracker URL:  http://securitytracker.com/id/1012065
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Nov 3 2004
Impact:   Disclosure of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 4.024
Description:   Two vulnerabilities were reported in Astaro Security Linux. A remote user can obtain system information about the system.

The vendor reported that the PPTP server discloses information about the PPTP server version number. It is also reported that the firewall will respond to TCP SYN-FIN packets, allowing a remote user to discover the firewall.

Impact:   A remote user can determine the PPTP server version number.

A remote user can discover the firewall.

Solution:   The vendor has issued a new version (4.024), available via Up2Date.
Vendor URL:  www.astaro.com/ (Links to External Site)
Cause:   Access control error, State error
Underlying OS:  Linux (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC