Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2007:005: w3m Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the w3m package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2007:005 (w3m).
A format string problem in w3m -dump / -backend mode could be used
by a malicious server to crash w3m or execute code.
In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server
and Desktop 10 this problem was not exploitable to execute code due
to use of the FORTIFY SOURCE extensions.
This problem is tracked by the Mitre CVE ID CVE-2006-6772.
Solution : http://www.suse.de/security/http://www.novell.com/linux/security/advisories/2007_05_w3m.html
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.