Test ID:	1.3.6.1.4.1.25623.1.0.57497
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-356-1 (gdb)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to gdb announced via advisory USN-356-1. A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Will Drewry, of the Google Security Team, discovered buffer overflows in GDB's DWARF processing. This would allow an attacker to execute arbitrary code with user privileges by tricking the user into using GDB to load an executable that contained malicious debugging information. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: gdb 6.3-5ubuntu1.2 Ubuntu 5.10: gdb 6.3-6ubuntu2.1 Ubuntu 6.06 LTS: gdb 6.4-1ubuntu5.1 In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-356-1 Risk factor : High CVSS Score: 5.1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4146 http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html BugTraq ID: 19802 http://www.securityfocus.com/bid/19802 http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://security.gentoo.org/glsa/glsa-200711-23.xml http://www.osvdb.org/28318 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463 http://www.redhat.com/support/errata/RHSA-2007-0229.html http://www.redhat.com/support/errata/RHSA-2007-0469.html http://securitytracker.com/id?1017138 http://secunia.com/advisories/21713 http://secunia.com/advisories/22205 http://secunia.com/advisories/22662 http://secunia.com/advisories/25098 http://secunia.com/advisories/25632 http://secunia.com/advisories/25894 http://secunia.com/advisories/25934 http://secunia.com/advisories/26909 http://secunia.com/advisories/27706 SGI Security Advisory: 20070602-01-P ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc http://www.ubuntu.com/usn/usn-356-1 http://www.vupen.com/english/advisories/2006/3433 http://www.vupen.com/english/advisories/2006/4283 http://www.vupen.com/english/advisories/2007/3229
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.