Network Security Audits / Vulnerability Assessments by SecuritySpace

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2007-49
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 15 Oct 2007
Last revised: 15 Oct 2007

Package: doxygen

Summary: Denial of service attack

More information:
    Doxygen is a documentation system for C++, C, Java, Objective-C, Python, IDL (Corba
    and Microsoft flavors) and to some extent PHP, C#, and D.

    Allows context-dependent attackers to cause a denial of service (crash) via malformed.
    Buffer overflow allows context-dependent attackers to cause a denial of service.

Impact:
    Remote attacker could craft an image.

  Affected Products:
    - Turbolinux Appliance Server 2.0
    - Turbolinux 11 FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal

<Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   doxygen-1.3.8-5.src.rpm
      3253400 121592b4bfa106d5db2dc8d85e9edc0e

   Binary Packages
   Size: MD5

   doxygen-1.3.8-5.i586.rpm
      2276616 16c79d6958c29f4ba3dab375f822be80

<Turbolinux FUJI>

   Source Packages
   Size: MD5

   doxygen-1.4.4-2.src.rpm
      3372527 2bb6539c866097ff1e82a5640d08687f

   Binary Packages
   Size: MD5

   doxygen-1.4.4-2.i686.rpm
      2480661 b55a7ec5452915e1871ab8c88740a315
   doxygen-doxywizard-1.4.4-2.i686.rpm
        86073 0d22fb16aba1092038e4addd3ef6ed72

<Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/doxygen-1.3.8-5.src.rpm
      3253400 235ad04d82e581b9a5a5727300c86a0e

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/doxygen-1.3.8-5.x86_64.rpm
      2495418 31b294aee582669af3cb4d3920917788

<Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/doxygen-1.3.8-5.src.rpm
      3253400 121592b4bfa106d5db2dc8d85e9edc0e

   Binary Packages
   Size: MD5

   doxygen-1.3.8-5.i586.rpm
      2276616 16c79d6958c29f4ba3dab375f822be80
   doxygen-debug-1.3.8-5.i586.rpm
       179956 66b2ecfcf45de896322fa38437808b86
   doxygen-doxywizard-1.3.8-5.i586.rpm
        95887 2cb65f762d4a8fd52a69a18d40e06ab0

<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/doxygen-1.3.1-2.src.rpm
      2803079 d4fe5006c1f55d44c090db9c55bbbcd5

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/doxygen-1.3.1-2.i586.rpm
      1864443 b91c444c0dcb011d654373951c4c8365

References:

CVE
   [CVE-2006-3334]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3334
   [CVE-2006-5793]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793

--------------------------------------------------------------------------
Revision History
    15 Oct 2007 Initial release
--------------------------------------------------------------------------

Copyright(C) 2007 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHE0k/K0LzjOqIJMwRAkaTAJ9DfS9/4fuQuKcTQO/MKLFLq+Z3UACfRM1R
rqX/MLL95wGD95xTqKUYmt8=
=k/Wq
-----END PGP SIGNATURE-----