Debian Security Advisory DSA 333-1 (acm) Network Vulnerability

Summary

The remote host is missing an update to acm announced via advisory DSA 333-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20333-1

Insight

acm, a multi-player aerial combat simulation, uses a network protocol based on the same RPC implementation used in many C libraries. This implementation was found to contain an integer overflow vulnerability which could be exploited to execute arbitrary code. For the stable distribution (woody) this problem has been fixed in version 5.0-3.woody.1. For the unstable distribution (sid) this problem has been fixed in version 5.0-10. We recommend that you update your acm package.

Severity

Classification

CVE CVE-2002-0391

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 063-1 (xinetd)
Debian Security Advisory DSA 1021-1 (netpbm-free)
Debian Security Advisory DSA 1043-1 (abcmidi)
Debian Security Advisory DSA 026-1 (bind)
Debian Security Advisory DSA 108-1 (wmtv)

Take action and discover your vulnerabilities