Test ID:	1.3.6.1.4.1.25623.1.0.58162
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200703-24 (mgv)
Summary:	The remote host is missing updates announced in;advisory GLSA 200703-24.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200703-24. Vulnerability Insight: mgv improperly handles user-supplied data possibly allowing for the execution of arbitrary code. Solution: mgv is currently unmaintained, and the mgv website no longer exists. As such, the mgv package has been masked in Portage. We recommend that users select an alternate Postscript viewer such as ghostview or GSview, and unmerge mgv: # emerge --unmerge 'app-text/mgv' CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5864 BugTraq ID: 20978 http://www.securityfocus.com/bid/20978 Bugtraq: 20061109 GNU gv Stack Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/451057/100/0/threaded Bugtraq: 20061112 Re: GNU gv Stack Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/451422/100/200/threaded Bugtraq: 20061128 evince buffer overflow exploit (gv) (Google Search) http://www.securityfocus.com/archive/1/452868/100/0/threaded CERT/CC vulnerability note: VU#352825 http://www.kb.cert.org/vuls/id/352825 Debian Security Information: DSA-1214 (Google Search) http://www.debian.org/security/2006/dsa-1214 Debian Security Information: DSA-1243 (Google Search) http://www.debian.org/security/2006/dsa-1243 https://www.exploit-db.com/exploits/2858 http://security.gentoo.org/glsa/glsa-200611-20.xml http://security.gentoo.org/glsa/glsa-200703-24.xml http://security.gentoo.org/glsa/glsa-200704-06.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:214 http://www.mandriva.com/security/advisories?name=MDKSA-2006:229 http://secunia.com/advisories/22787 http://secunia.com/advisories/22932 http://secunia.com/advisories/23006 http://secunia.com/advisories/23018 http://secunia.com/advisories/23111 http://secunia.com/advisories/23118 http://secunia.com/advisories/23183 http://secunia.com/advisories/23266 http://secunia.com/advisories/23306 http://secunia.com/advisories/23335 http://secunia.com/advisories/23353 http://secunia.com/advisories/23409 http://secunia.com/advisories/23579 http://secunia.com/advisories/24649 http://secunia.com/advisories/24787 SuSE Security Announcement: SUSE-SR:2006:026 (Google Search) http://www.novell.com/linux/security/advisories/2006_26_sr.html SuSE Security Announcement: SUSE-SR:2006:028 (Google Search) http://www.novell.com/linux/security/advisories/2006_28_sr.html SuSE Security Announcement: SUSE-SR:2006:029 (Google Search) http://www.novell.com/linux/security/advisories/2006_29_sr.html http://www.ubuntu.com/usn/usn-390-1 http://www.ubuntu.com/usn/usn-390-2 http://www.ubuntu.com/usn/usn-390-3 http://www.vupen.com/english/advisories/2006/4424 http://www.vupen.com/english/advisories/2006/4747 XForce ISS Database: evince-postscript-bo(30555) https://exchange.xforce.ibmcloud.com/vulnerabilities/30555 XForce ISS Database: gnu-gv-buffer-overflow(30153) https://exchange.xforce.ibmcloud.com/vulnerabilities/30153
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.