Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200804-27 (silc-toolkit silc-client silc-server)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.60871
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200804-27 (silc-toolkit silc-client silc-server)
Summary:	The remote host is missing updates announced in;advisory GLSA 200804-27.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200804-27. Vulnerability Insight: Multiple vulnerabilities were found in SILC Client, Server, and Toolkit, allowing for Denial of Service and execution of arbitrary code. Solution: All SILC Toolkit users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-im/silc-toolkit-1.1.7' All SILC Client users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-im/silc-client-1.1.4' All SILC Server users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-im/silc-server-1.1.2' CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1227 BugTraq ID: 28101 http://www.securityfocus.com/bid/28101 http://security.gentoo.org/glsa/glsa-200804-27.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:158 https://bugzilla.redhat.com/show_bug.cgi?id=372021 http://secunia.com/advisories/29174 http://secunia.com/advisories/29323 http://secunia.com/advisories/29946 SuSE Security Announcement: SUSE-SR:2008:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html http://www.vupen.com/english/advisories/2008/0769 XForce ISS Database: silctoolkit-silcfingerprint-bo(41012) https://exchange.xforce.ibmcloud.com/vulnerabilities/41012 Common Vulnerability Exposure (CVE) ID: CVE-2008-1429 BugTraq ID: 28450 http://www.securityfocus.com/bid/28450 http://www.securitytracker.com/id?1019711 http://secunia.com/advisories/29459 http://www.vupen.com/english/advisories/2008/0919/references XForce ISS Database: silc-server-newclient-dos(41307) https://exchange.xforce.ibmcloud.com/vulnerabilities/41307 Common Vulnerability Exposure (CVE) ID: CVE-2008-1552 BugTraq ID: 28373 http://www.securityfocus.com/bid/28373 Bugtraq: 20080325 CORE-2007-1212: SILC pkcs_decode buffer overflow (Google Search) http://www.securityfocus.com/archive/1/490069/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00513.html https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00538.html http://www.coresecurity.com/?action=item&id=2206 http://www.securitytracker.com/id?1019690 http://secunia.com/advisories/29463 http://secunia.com/advisories/29465 http://secunia.com/advisories/29622 http://securityreason.com/securityalert/3795 SuSE Security Announcement: SUSE-SR:2008:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://www.vupen.com/english/advisories/2008/0974/references XForce ISS Database: silc-silcpkcs1decode-bo(41474) https://exchange.xforce.ibmcloud.com/vulnerabilities/41474
Copyright	Copyright (C) 2008 E-Soft Inc.