Generic NQS local root
| generic-nqs-local-root (4306) |  Medium Risk |
Description:
Generic NQS contains a vulnerability that allows a local user to gain root privileges.
Consequences:
Gain Privileges
Remedy:
Upgrade to the latest version of Generic NQS (version 3.50.8 or later), available from the Generic NQS FTP site. Upgrades are also available from FreeBSD, as listed in FreeBSD Security Advisory FreeBSD-SA-00:13. See References.
References:
- BugTraq Mailing List, Wed Mar 22 2000 - 06:50:04 CST: Local root compromise in GNQS 3.50.6 and 3.50.7.
- FreeBSD Security Advisory FreeBSD-SA-00:13: generic-nqs contains a local root compromise.
- Generic NQS FTP site: Current Production Release.
- Generic NQS FTP site: Change log for version 3.50.8.
- BID-1842: GNQS Root Access Vulnerability
- CVE-2000-0247: Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain root privileges.
Platforms Affected:
- Stuart Herbert Generic NQS 3.50.6
- Stuart Herbert Generic NQS 3.50.7
Reported:
Mar 22, 2000
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net