Gentoo Security Advisory GLSA 200512-11 (CenterICQ) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200512-11.

Solution

All CenterICQ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-im/centericq-4.21.0-r2' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200512-11 http://bugs.gentoo.org/show_bug.cgi?id=100519 http://bugs.gentoo.org/show_bug.cgi?id=114038 http://www.zone-h.org/en/advisories/read/id=8480/

Insight

CenterICQ is vulnerable to a Denial of Service issue, and also potentially to the execution of arbitrary code through an included vulnerable ktools library.

Severity

Classification

CVE CVE-2005-3694, CVE-2005-3863

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200404-21 (samba)
Gentoo Security Advisory GLSA 200405-14 (subversion)
Gentoo Security Advisory GLSA 200407-06 (libpng)
Gentoo Security Advisory GLSA 200408-23 (kdelibs)
Gentoo Security Advisory GLSA 200408-25 (MoinMoin)

Take action and discover your vulnerabilities