Test ID:	1.3.6.1.4.1.25623.1.0.56398
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-991-1)
Summary:	The remote host is missing an update for the Debian 'zoo' package(s) announced via the DSA-991-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'zoo' package(s) announced via the DSA-991-1 advisory. Vulnerability Insight: Jean-Sebastien Guay-Leroux discovered a buffer overflow in zoo, a utility to manipulate zoo archives, that could lead to the execution of arbitrary code when unpacking a specially crafted zoo archive. For the old stable distribution (woody) this problem has been fixed in version 2.10-9woody0. For the stable distribution (sarge) this problem has been fixed in version 2.10-11sarge0. For the unstable distribution (sid) this problem has been fixed in version 2.10-17. We recommend that you upgrade your zoo package. Affected Software/OS: 'zoo' package(s) on Debian 3.0, Debian 3.1. Solution: Please install the updated package(s). CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0855 BugTraq ID: 16790 http://www.securityfocus.com/bid/16790 Bugtraq: 20060223 zoo contains exploitable buffer overflows (Google Search) http://www.securityfocus.com/archive/1/425887/100/0/threaded Bugtraq: 20060403 Barracuda ZOO archiver security bug leads to remote compromise (Google Search) http://archives.neohapsis.com/archives/bugtraq/2006-04/0061.html Debian Security Information: DSA-991 (Google Search) http://www.debian.org/security/2006/dsa-991 http://www.gentoo.org/security/en/glsa/glsa-200603-05.xml http://www.guay-leroux.com/projects/barracuda-advisory-ZOO.txt http://www.guay-leroux.com/projects/zoo-advisory.txt http://securitytracker.com/id?1015668 http://securitytracker.com/id?1015866 http://secunia.com/advisories/19002 http://secunia.com/advisories/19130 http://secunia.com/advisories/19148 http://secunia.com/advisories/19166 http://secunia.com/advisories/19408 http://secunia.com/advisories/19514 http://securityreason.com/securityalert/546 SuSE Security Announcement: SUSE-SR:2006:005 (Google Search) http://www.novell.com/linux/security/advisories/2006_05_sr.html SuSE Security Announcement: SUSE-SR:2006:006 (Google Search) http://www.novell.com/linux/security/advisories/2006_06_sr.html http://www.vupen.com/english/advisories/2006/0705 http://www.vupen.com/english/advisories/2006/1220 XForce ISS Database: zoo-misc-bo(24904) https://exchange.xforce.ibmcloud.com/vulnerabilities/24904
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.