Test ID:	1.3.6.1.4.1.25623.1.0.61324
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDVSA-2008:158 (silc-toolkit)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to silc-toolkit announced via advisory MDVSA-2008:158. A vulnerability was found in the SILC toolkit before version 1.1.5 that allowed a remote attacker to cause a denial of service (crash), or possibly execute arbitrary code via long input data (CVE-2008-1227). A vulnerability was found in the SILC toolkit before version 1.1.7 that allowed a remote attacker to execute arbitrary code via a crafted PKCS#2 message (CVE-2008-1552). The updated packages have been patched to correct these issues. Affected: 2008.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:158 Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1227 BugTraq ID: 28101 http://www.securityfocus.com/bid/28101 http://security.gentoo.org/glsa/glsa-200804-27.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:158 https://bugzilla.redhat.com/show_bug.cgi?id=372021 http://secunia.com/advisories/29174 http://secunia.com/advisories/29323 http://secunia.com/advisories/29946 SuSE Security Announcement: SUSE-SR:2008:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html http://www.vupen.com/english/advisories/2008/0769 XForce ISS Database: silctoolkit-silcfingerprint-bo(41012) https://exchange.xforce.ibmcloud.com/vulnerabilities/41012 Common Vulnerability Exposure (CVE) ID: CVE-2008-1552 BugTraq ID: 28373 http://www.securityfocus.com/bid/28373 Bugtraq: 20080325 CORE-2007-1212: SILC pkcs_decode buffer overflow (Google Search) http://www.securityfocus.com/archive/1/490069/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00513.html https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00538.html http://www.coresecurity.com/?action=item&id=2206 http://www.securitytracker.com/id?1019690 http://secunia.com/advisories/29463 http://secunia.com/advisories/29465 http://secunia.com/advisories/29622 http://securityreason.com/securityalert/3795 SuSE Security Announcement: SUSE-SR:2008:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://www.vupen.com/english/advisories/2008/0974/references XForce ISS Database: silc-silcpkcs1decode-bo(41474) https://exchange.xforce.ibmcloud.com/vulnerabilities/41474
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.