Test ID:	1.3.6.1.4.1.25623.1.0.51423
Category:	Conectiva Local Security Checks
Title:	Conectiva Security Advisory CLA-2003:655
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory CLA-2003:655. BitchX is a text-mode IRC client. This update fixes two remote vulnerabilities in Bitchx: 1. Buffer overflows In a message sent to the bugtraq mailing list, Timo Sirainen pointed out[1] several possible buffer overflow vulnerabilities in BitchX and other IRC clients. These vulnerabilities can be exploited by a remote attacker who is able to control the server to which the client is connected. 2. Denial of Service on channel mode change A Denial of Service (DoS) vulnerability has been found[2] in BitchX. This vulnerability allows a remote attacker to crash BitchX by changing certains channel modes. Please note that BitchX is being upgraded to version 1.0c18 in all supported Conectiva Linux products, thus several new features and other bug fixes are being added as well. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.securityfocus.com/archive/1/315057 http://www.securityfocus.com/archive/1/321093 http://distro2.conectiva.com.br/bugzilla/show_bug.cgi?id=8197 http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:655 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.