Summary
The remote host is missing an update to mysql-dfsg-5.0 announced via advisory DSA 1478-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201478-1
Insight
Luigi Auriemma discovered two buffer overflows in YaSSL, an SSL implementation included in the MySQL database package, which could lead to denial of service and possibly the execution of arbitrary code.
For the unstable distribution (sid), these problems have been fixed in version 5.0.51-3.
For the stable distribution (etch), these problems have been fixed in version 5.0.32-7etch5.
The old stable distribution (sarge) doesn't contain mysql-dfsg-5.0.
We recommend that you upgrade your mysql-dfsg-5.0 package.
Severity
Classification
-
CVE CVE-2008-0226, CVE-2008-0227 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities