|
Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:210: w3c-libwww Vulnerability Scan
Vulnerability Scan Summary Check for the version of the w3c-libwww package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:210 (w3c-libwww).
Sam Varshavchik discovered the HTBoundary_put_block function in HTBound.c for
W3C libwww (w3c-libwww) allows remote servers to cause a denial of service
(segmentation fault) via a crafted multipart/byteranges MIME message that
triggers an out-of-bounds read. The updated packages have been patched to
address this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:210
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|