|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200701-06] w3m: Format string vulnerability Vulnerability Scan
Vulnerability Scan Summary w3m: Format string vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200701-06
(w3m: Format string vulnerability)
w3m in -dump or -backend mode does not correctly handle printf() format
string specifiers in the Common Name (CN) field of an X.509 SSL
certificate.
Impact
A possible hacker could entice a user to visit a malicious website that would
load a specially crafted X.509 SSL certificate containing "%n" or other
format string specifiers, possibly resulting in the execution of
arbitrary code with the rights of the user running w3m.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6772
Solution:
All w3m users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/w3m-0.5.1-r4"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|