Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:065: kaffeine Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the kaffeine package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:065 (kaffeine).
Marcus Meissner discovered Kaffeine contains an unchecked buffer while creating
HTTP request headers for fetching remote RAM playlists, which allows
overflowing a heap allocated buffer. As a result, remotely supplied RAM
playlists can be used to execute arbitrary code on the client machine. Updated
packages have been patched to correct this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:065
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.