Summary
The remote host is missing an update to streamripper announced via advisory DSA 1683-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201683-1
Insight
Multiple buffer overflows involving HTTP header and playlist parsing have been discovered in streamripper (CVE-2007-4337, CVE-2008-4829).
For the stable distribution (etch), these problems have been fixed in version 1.61.27-1+etch1.
For the unstable distribution (sid) and the testing distribution (lenny), these problems have been fixed in version 1.63.5-2.
We recommend that you upgrade your streamripper package.
Severity
Classification
-
CVE CVE-2007-4337, CVE-2008-4829 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities