Debian Security Advisory DSA 678-1 (netkit-rwho) Network Vulnerability

Summary

The remote host is missing an update to netkit-rwho announced via advisory DSA 678-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20678-1

Insight

Vlad902 discovered a vulnerability in the rwhod program that can be used to crash the listening process. The broadcasting one is unaffected. This vulnerability only affects little endian architectures (i.e. on Debian: alpha, arm, alpha, ia64, i386, mipsel and s390). For the stable distribution (woody) this problem has been fixed in version 0.17-4woody2. For the unstable distribution (sid) this problem has been fixed in version 0.17-8. We recommend that you upgrade your rwhod package.

Severity

Classification

CVE CVE-2004-1180

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1098-1 (horde3)
Debian Security Advisory DSA 1093-1 (xine-ui)
Debian Security Advisory DSA 1144-1 (chmlib)
Debian Security Advisory DSA 1154-1 (squirrelmail)
Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)

Take action and discover your vulnerabilities