Test ID:	1.3.6.1.4.1.25623.1.0.60288
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDVSA-2008:032 (boost)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to boost announced via advisory MDVSA-2008:032. Tavis Ormandy and Will Drewry found that the bost library did not properly perform input validation on regular expressions. An attacker could exploit this by sening a specially crafted regular expression to an application linked against boost and cause a denial of service via an application crash. The updated packages have been patched to correct this issue. Affected: 2007.0, 2007.1, 2008.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:032 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0171 BugTraq ID: 27325 http://www.securityfocus.com/bid/27325 Bugtraq: 20080213 rPSA-2008-0063-1 boost (Google Search) http://www.securityfocus.com/archive/1/488102/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html http://www.gentoo.org/security/en/glsa/glsa-200802-08.xml http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:032 http://secunia.com/advisories/28511 http://secunia.com/advisories/28527 http://secunia.com/advisories/28545 http://secunia.com/advisories/28705 http://secunia.com/advisories/28860 http://secunia.com/advisories/28943 http://secunia.com/advisories/29323 http://secunia.com/advisories/48099 SuSE Security Announcement: SUSE-SR:2008:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html http://www.ubuntu.com/usn/usn-570-1 http://www.vupen.com/english/advisories/2008/0249 Common Vulnerability Exposure (CVE) ID: CVE-2008-0172
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.