Debian Security Advisory DSA 672-1 (xview) Network Vulnerability

Summary

The remote host is missing an update to xview announced via advisory DSA 672-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20672-1

Insight

Erik Sjölund discovered that programs linked against xview are vulnerable to a number of buffer overflows in the XView library. When the overflow is triggered in a program which is installed setuid root a malicious user could perhaps execute arbitrary code as privileged user. For the stable distribution (woody) these problems have been fixed in version 3.2p1.4-16woody2. For the unstable distribution (sid) these problems have been fixed in version 3.2p1.4-19. We recommend that you upgrade your xview packages.

Severity

Classification

CVE CVE-2005-0076

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 070-1 (netkit-telnet)
Debian Security Advisory DSA 1083-1 (motor)
Debian Security Advisory DSA 1008-1 (kdegraphics)
Debian Security Advisory DSA 102-1 (at)
Debian Security Advisory DSA 051-1 (netscape)

Take action and discover your vulnerabilities