|
Family: Debian Local Security Checks --> Category: infos
[DSA040] DSA-040-1 slrn Vulnerability Scan
Vulnerability Scan Summary DSA-040-1 slrn
Detailed Explanation for this Vulnerability Test
Bill Nottingham reported a problem in the
wrapping/unwrapping functions of the slrn newsreader. A long header in a
message might overflow a buffer, which could result in executing arbitrary
code encoded in the message.
The default configuration does not have wrapping enable, but it can easily
be enabled either by changing the configuration or pressing W while viewing a
message.
This has been fixed in version 0.9.6.2-9potato1 and we recommand that you
upgrade your slrn package immediately.
Solution : http://www.debian.org/security/2001/dsa-040
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|