Debian Security Advisory DSA 327-1 (xbl) Network Vulnerability

Summary

The remote host is missing an update to xbl announced via advisory DSA 327-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20327-1

Insight

Steve Kemp discovered several buffer overflows in xbl, a game, which can be triggered by long command line arguments. This vulnerability could be exploited by a local attacker to gain gid 'games'. For the stable distribution (woody) this problem has been fixed in version 1.0k-3woody1. For the old stable distribution (potato) this problem has been fixed in version 1.0i-7potato1. For the unstable distribution (sid) this problem is fixed in version 1.0k-5. We recommend that you update your xbl package.

Severity

Classification

CVE CVE-2003-0451

CVSS	Base Score: 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1152-1 (trac)
Debian Security Advisory DSA 1064-1 (cscope)
Debian Security Advisory DSA 084-1 (gftp)
Debian Security Advisory DSA 1050-1 (clamav)
Debian Security Advisory DSA 1054-1 (tiff)

Take action and discover your vulnerabilities