Test ID:	1.3.6.1.4.1.25623.1.0.54752
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200411-31 (ProZilla)
Summary:	The remote host is missing updates announced in;advisory GLSA 200411-31.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200411-31. Vulnerability Insight: ProZilla contains several buffer overflow vulnerabilities that can be exploited by a malicious server to execute arbitrary code with the rights of the user running ProZilla. Solution: Currently, there is no released version of ProZilla that contains a fix for these issues. The original author did not respond to our queries, the code contains several other problems and more secure alternatives exist. Therefore, the ProZilla package has been hard-masked prior to complete removal from Portage, and current users are advised to unmerge the package. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1120 BugTraq ID: 11734 http://www.securityfocus.com/bid/11734 Bugtraq: 20041124 Prozilla Remote Exploit (Google Search) http://www.securityfocus.com/archive/1/382219 Debian Security Information: DSA-663 (Google Search) http://www.debian.org/security/2005/dsa-663 http://www.gentoo.org/security/en/glsa/glsa-200411-31.xml XForce ISS Database: prozilla-bo(18210) https://exchange.xforce.ibmcloud.com/vulnerabilities/18210
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.