
Test ID: 1.3.6.1.4.1.25623.1.0.58424
Category: Debian Local Security Checks
Title: Debian: Security Advisory (DSA-1318-1)
Summary: The remote host is missing an update for the Debian 'ekg' package(s) announced via the DSA-1318-1 advisory.
Description:

Vulnerability Insight:
Several remote vulnerabilities have been discovered in ekg, a console Gadu Gadu client. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2005-2370

It was discovered that memory alignment errors may allow remote attackers to cause a denial of service on certain architectures such as sparc. This only affects Debian Sarge.

CVE-2005-2448

It was discovered that several endianness errors may allow remote attackers to cause a denial of service. This only affects Debian Sarge.

CVE-2007-1663

It was discovered that a memory leak in handling image messages may lead to denial of service. This only affects Debian Etch.

CVE-2007-1664

It was discovered that a null pointer dereference in the token OCR code may lead to denial of service. This only affects Debian Etch.

CVE-2007-1665

It was discovered that a memory leak in the token OCR code may lead to denial of service. This only affects Debian Etch.

For the oldstable distribution (sarge) these problems have been fixed in version 1.5+20050411-7. This update lacks updated packages for the m68k architecture. They will be provided later.

For the stable distribution (etch) these problems have been fixed in version 1:1.7~rc2-1etch1.

For the unstable distribution (sid) these problems have been fixed in version 1:1.7~rc2-2.

We recommend that you upgrade your ekg packages.

Affected Software/OS:
'ekg' package(s) on Debian 3.1, Debian 4.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-2370
BugTraq ID: 24600
http://www.securityfocus.com/bid/24600
Bugtraq: 20050721 Multiple vulnerabilities in libgadu and ekg package
http://marc.info/?l=bugtraq&m=112198499417250&w=2
Debian Security Information: DSA-1318
http://www.debian.org/security/2007/dsa-1318
Debian Security Information: DSA-813
http://www.debian.org/security/2005/dsa-813
http://www.securityfocus.com/archive/1/426078/100/0/threaded
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10456
http://www.redhat.com/support/errata/RHSA-2005-627.html
http://secunia.com/advisories/16265
Common Vulnerability Exposure (CVE) ID: CVE-2005-2448
BugTraq ID: 14415
http://www.securityfocus.com/bid/14415
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11263
http://secunia.com/advisories/16140
http://secunia.com/advisories/16155
http://secunia.com/advisories/16363
Common Vulnerability Exposure (CVE) ID: CVE-2007-1663
http://osvdb.org/45377
XForce ISS Database: ekg-image-message-dos(35134)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35134
Common Vulnerability Exposure (CVE) ID: CVE-2007-1664
http://osvdb.org/45378
XForce ISS Database: ekg-token-ocr-dos(35135)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35135
Common Vulnerability Exposure (CVE) ID: CVE-2007-1665
http://osvdb.org/45379
XForce ISS Database: ekg-ocr-function-dos(35136)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35136
Copyright: Copyright (C) 2008 Greenbone AG





© 1998-2025 E-Soft Inc. All rights reserved.