Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Gentoo Local Security Checks --> Category: infos

[GLSA-200503-06] BidWatcher: Format string vulnerability Vulnerability Scan


Vulnerability Scan Summary
BidWatcher: Format string vulnerability

Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200503-06
(BidWatcher: Format string vulnerability)


Ulf Harnhammar discovered a format string vulnerability in
"netstuff.cpp".

Impact

Remote attackers can potentially exploit this vulnerability by
sending specially crafted responses via an eBay HTTP server or a
man-in-the-middle attack to execute arbitrary malicious code.

Workaround

There is no known workaround at this time.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0158


Solution:
All BidWatcher users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/bidwatcher-1.13.17"


Threat Level: Medium


Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.