Debian Security Advisory DSA 1664-1 (ekg) Network Vulnerability

Summary

The remote host is missing an update to ekg announced via advisory DSA 1664-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201664-1

Insight

It was discovered that ekg, a console Gadu Gadu client performs insufficient input sanitising in the code to parse contact descriptions, which may result in denial of service. For the stable distribution (etch), this problem has been fixed in version 1:1.7~rc2-1etch2. For the unstable distribution (sid) and the upcoming stable distribution (lenny), this problem has been fixed in version 1:1.8~rc1-2 of libgadu. We recommend that you upgrade your ekg package.

Severity

Classification

CVE CVE-2008-4776

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1023-1 (kaffeine)
Debian Security Advisory DSA 1054-1 (tiff)
Debian Security Advisory DSA 1139-1 (ruby1.6)
Debian Security Advisory DSA 109-1 (faqomatic)
Debian Security Advisory DSA 1094-1 (gforge)

Take action and discover your vulnerabilities