Test ID:	1.3.6.1.4.1.25623.1.0.61437
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1631-1)
Summary:	The remote host is missing an update for the Debian 'libxml2' package(s) announced via the DSA-1631-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'libxml2' package(s) announced via the DSA-1631-1 advisory. Vulnerability Insight: Andreas Solberg discovered that libxml2, the GNOME XML library, could be forced to recursively evaluate entities, until available CPU and memory resources were exhausted. For the stable distribution (etch), this problem has been fixed in version 2.6.27.dfsg-4. For the unstable distribution (sid), this problem has been fixed in version 2.6.32.dfsg-3. We recommend that you upgrade your libxml2 package. Affected Software/OS: 'libxml2' package(s) on Debian 4. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3281 1020728 http://www.securitytracker.com/id?1020728 20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff http://www.securityfocus.com/archive/1/497962/100/0/threaded 30783 http://www.securityfocus.com/bid/30783 31558 http://secunia.com/advisories/31558 31566 http://secunia.com/advisories/31566 31590 http://secunia.com/advisories/31590 31728 http://secunia.com/advisories/31728 31748 http://secunia.com/advisories/31748 31855 http://secunia.com/advisories/31855 31982 http://secunia.com/advisories/31982 32488 http://secunia.com/advisories/32488 32807 http://secunia.com/advisories/32807 32974 http://secunia.com/advisories/32974 35379 http://secunia.com/advisories/35379 ADV-2008-2419 http://www.vupen.com/english/advisories/2008/2419 ADV-2008-2843 http://www.vupen.com/english/advisories/2008/2843 ADV-2008-2971 http://www.vupen.com/english/advisories/2008/2971 ADV-2009-1522 http://www.vupen.com/english/advisories/2009/1522 ADV-2009-1621 http://www.vupen.com/english/advisories/2009/1621 APPLE-SA-2009-06-08-1 http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html APPLE-SA-2009-06-17-1 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html DSA-1631 http://www.debian.org/security/2008/dsa-1631 FEDORA-2008-7395 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00347.html FEDORA-2008-7594 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00261.html GLSA-200812-06 http://security.gentoo.org/glsa/glsa-200812-06.xml MDVSA-2008:180 http://www.mandriva.com/security/advisories?name=MDVSA-2008:180 MDVSA-2008:192 http://www.mandriva.com/security/advisories?name=MDVSA-2008:192 RHSA-2008:0836 https://rhn.redhat.com/errata/RHSA-2008-0836.html SUSE-SR:2008:018 http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html USN-640-1 http://www.ubuntu.com/usn/usn-640-1 USN-644-1 https://usn.ubuntu.com/644-1/ [Security-announce] 20081030 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff http://lists.vmware.com/pipermail/security-announce/2008/000039.html [xml] 20080820 Security fix for libxml2 http://mail.gnome.org/archives/xml/2008-August/msg00034.html http://support.apple.com/kb/HT3613 http://support.apple.com/kb/HT3639 http://svn.gnome.org/viewvc/libxml2?view=revision&revision=3772 http://wiki.rpath.com/Advisories:rPSA-2008-0325 http://www.vmware.com/security/advisories/VMSA-2008-0017.html http://xmlsoft.org/news.html https://bugzilla.redhat.com/show_bug.cgi?id=458086 oval:org.mitre.oval:def:6496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6496 oval:org.mitre.oval:def:9812 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9812
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.