Summary
This host has SILC Client/Toolkit installed, and is prone to Format String vulnerability.
Impact
Attackers can exploit this iisue to execute arbitrary code in the context of the affected application and compromise the system.
Impact Level: Application/System
Solution
Apply the patch or upgrade to SILC Client 1.1.8.
http://silcnet.org/
http://www.securityfocus.com/bid/35940/solution
*****
NOTE: Please ignore this warning if the patch is already applied.
*****
Insight
A format string error occurs in 'lib/silcclient/client_entry.c' while processing format string specifiers in the nickname field.
Affected
SILC Client prior to 1.1.8
SILC Toolkit prior to 1.1.10.
References
Severity
Classification
-
CVE CVE-2009-3051 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Active Perl Locale::Maketext Module Multiple Code Injection Vulnerabilities (Windows)
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Mac OS X)
- Adobe Flash Media Server Multiple Remote Security Vulnerabilities
- Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Windows)
- Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Mac OS X)