Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2005:015: openslp Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the openslp package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2005:015 (openslp).
The SUSE Security Team reviewed critical parts of the OpenSLP package,
an open source implementation of the Service Location Protocol (SLP).
SLP is used by Desktops to locate certain services such as printers and
by servers to announce their services.
During the audit, various buffer overflows and out of bounds memory access
have been fixed which can be triggered by remote attackers by sending
malformed SLP packets.
Solution : http://www.suse.de/security/advisories/2005_15_openslp.html
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.