Test ID:	1.3.6.1.4.1.25623.1.0.67841
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-2087-1)
Summary:	The remote host is missing an update for the Debian 'cabextract' package(s) announced via the DSA-2087-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'cabextract' package(s) announced via the DSA-2087-1 advisory. Vulnerability Insight: It was discovered that a programming error in the archive test mode of cabextract, a program to extract Microsoft Cabinet files, could lead to the execution of arbitrary code. For the stable distribution (lenny), this problem has been fixed in version 1.2-3+lenny1. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your cabextract package. Affected Software/OS: 'cabextract' package(s) on Debian 5. Solution: Please install the updated package(s). CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2801 42173 http://www.securityfocus.com/bid/42173 ADV-2010-1903 http://www.vupen.com/english/advisories/2010/1903 ADV-2010-1997 http://www.vupen.com/english/advisories/2010/1997 DSA-2087 http://www.debian.org/security/2010/dsa-2087 [oss-security] 20100802 CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode http://marc.info/?l=oss-security&m=128076168623266&w=2 [oss-security] 20100802 Re: CVE Request [two ids] -- cabextract -- 1, Infinite loop in MS-ZIP and Quantum decoders (minor) 2, Integer wrap-around (crash) by processing certain *.cab files in test archive mode http://marc.info/?l=oss-security&m=128077976522470&w=2 cabextract-archive-code-execution(60891) https://exchange.xforce.ibmcloud.com/vulnerabilities/60891 http://bugs.gentoo.org/show_bug.cgi?id=329891 http://libmspack.svn.sourceforge.net/viewvc/libmspack/libmspack/trunk/mspack/qtmd.c?r1=114&r2=113 http://libmspack.svn.sourceforge.net/viewvc/libmspack?view=revision&revision=118 http://www.cabextract.org.uk/#changes https://bugzilla.redhat.com/show_bug.cgi?id=620454
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.