Debian Security Advisory DSA 1634-1 (wordnet) Network Vulnerability

Summary

The remote host is missing an update to wordnet announced via advisory DSA 1634-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201634-1

Insight

Rob Holland discovered several programming errors in WordNet, an electronic lexical database of the English language. These flaws could allow arbitrary code execution when used with untrusted input, for example when WordNet is in use as a back end for a web application. For the stable distribution (etch), these problems have been fixed in version 1:2.1-4+etch1. For the testing distribution (lenny), these problems have been fixed in version 1:3.0-11+lenny1. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your wordnet package.

Severity

Classification

CVE CVE-2008-2149

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 005-1 (slocate)
Debian Security Advisory DSA 070-1 (netkit-telnet)
Debian Security Advisory DSA 102-2 (at)
Debian Security Advisory DSA 1083-1 (motor)
Debian Security Advisory DSA 1044-1 (mozilla-firefox)

Take action and discover your vulnerabilities