Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:017: pwlib Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the pwlib package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:017 (pwlib).
The NISCC uncovered bugs in pwlib prior to version 1.6.0 via a test suite for
the H.225 protocol. A possible hacker could trigger these bugs by sending carefully
crafted messages to an application that uses pwlib, and the severity would vary
based on the application, but likely would result in a Denial of Service (DoS).
The updated packages provide backported fixes from Craig Southeren of the
OpenH323 project to protect against this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:017
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.