Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

SuSE update for sane

Nov 18, 2003 1:29AM PST

Critical: Less critical
Impact: DoS

Where: From local network



OS: SuSE Linux 7.x
SuSE Linux 8.x
SuSE Linux Desktop 1.x

Description:
SuSE has issued updated packages for sane. These fix several vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerabilities are caused due to various errors that all can be exploited to either crash the service or cause it to consume an excessive amount of memory resources.

Successful exploitation requires that saned is running but the malicious system does not have to be listed in "saned.conf".


Solution:
Apply updated packages.

http://www.secunia.com/advisories/10254/

Discussion is locked