Debian Local Security Checks : Debian Security Advisory DSA 1088-1 (centericq)

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.56858

Category: Debian Local Security Checks

Title: Debian Security Advisory DSA 1088-1 (centericq)

Summary: Debian Security Advisory DSA 1088-1 (centericq)

Description: The remote host is missing an update to centericq
announced via advisory DSA 1088-1.

Mehdi Oudad and Kevin Fernandez discovered a buffer overflow in the
ktools library which is used in centericq, a text-mode multi-protocol
instant messenger client, which may lead local or remote attackers to
execute arbitrary code.

For the old stable distribution (woody) this problem has been fixed in
version 4.5.1-1.1woody2.

For the stable distribution (sarge) this problem has been fixed in
version 4.20.0-1sarge4.

For the unstable distribution (sid) this problem has been fixed in
version 4.21.0-6.

We recommend that you upgrade your centericq package.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%201088-1

Cross-Ref: BugTraq ID: 15600
Common Vulnerability Exposure (CVE) ID: CVE-2005-3863
Bugtraq: 20051127 ZRCSA-200503 - ktools Buffer Overflow Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/417906/100/0/threaded
http://www.zone-h.org/en/advisories/read/id=8480/
Debian Security Information: DSA-1083 (Google Search)
http://www.debian.org/security/2006/dsa-1083
Debian Security Information: DSA-1088 (Google Search)
http://www.debian.org/security/2006/dsa-1088
http://security.gentoo.org/glsa/glsa-200512-11.xml
http://security.gentoo.org/glsa/glsa-200608-27.xml
http://www.securityfocus.com/bid/15600
http://www.vupen.com/english/advisories/2005/2605
http://www.vupen.com/english/advisories/2006/2062
http://www.osvdb.org/21161
http://secunia.com/advisories/17768
http://secunia.com/advisories/18081
http://secunia.com/advisories/20329
http://secunia.com/advisories/20368
http://secunia.com/advisories/20446
http://secunia.com/advisories/21684
XForce ISS Database: ktools-kkstrtext-bo(23233)
http://xforce.iss.net/xforce/xfdb/23233

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.56858
Category:	Debian Local Security Checks
Title:	Debian Security Advisory DSA 1088-1 (centericq)
Summary:	Debian Security Advisory DSA 1088-1 (centericq)
Description:	The remote host is missing an update to centericq announced via advisory DSA 1088-1. Mehdi Oudad and Kevin Fernandez discovered a buffer overflow in the ktools library which is used in centericq, a text-mode multi-protocol instant messenger client, which may lead local or remote attackers to execute arbitrary code. For the old stable distribution (woody) this problem has been fixed in version 4.5.1-1.1woody2. For the stable distribution (sarge) this problem has been fixed in version 4.20.0-1sarge4. For the unstable distribution (sid) this problem has been fixed in version 4.21.0-6. We recommend that you upgrade your centericq package. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%201088-1
Cross-Ref:	BugTraq ID: 15600 Common Vulnerability Exposure (CVE) ID: CVE-2005-3863 Bugtraq: 20051127 ZRCSA-200503 - ktools Buffer Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/archive/1/417906/100/0/threaded http://www.zone-h.org/en/advisories/read/id=8480/ Debian Security Information: DSA-1083 (Google Search) http://www.debian.org/security/2006/dsa-1083 Debian Security Information: DSA-1088 (Google Search) http://www.debian.org/security/2006/dsa-1088 http://security.gentoo.org/glsa/glsa-200512-11.xml http://security.gentoo.org/glsa/glsa-200608-27.xml http://www.securityfocus.com/bid/15600 http://www.vupen.com/english/advisories/2005/2605 http://www.vupen.com/english/advisories/2006/2062 http://www.osvdb.org/21161 http://secunia.com/advisories/17768 http://secunia.com/advisories/18081 http://secunia.com/advisories/20329 http://secunia.com/advisories/20368 http://secunia.com/advisories/20446 http://secunia.com/advisories/21684 XForce ISS Database: ktools-kkstrtext-bo(23233) http://xforce.iss.net/xforce/xfdb/23233
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com