NASLDB: Mandrake Linux Security Advisory : pwlib (MDKSA-2004:017)
General
ID: 14117
Name: Mandrake Linux Security Advisory : pwlib (MDKSA-2004:017)
Summary: Checks rpm output for the updated packages
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –
Port: 0
Family: Mandriva Local Security Checks
Type: Local
Description
The NISCC uncovered bugs in pwlib prior to version 1.6.0 via a test
suite for the H.225 protocol. An attacker could trigger these bugs by
sending carefully crafted messages to an application that uses pwlib,
and the severity would vary based on the application, but likely would
result in a Denial of Service (DoS).
The updated packages provide backported fixes from Craig Southeren of
the OpenH323 project to protect against this issue.
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: CVE-2004-0097
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: 2004/03/03
Plugin Release: 2004/07/31
Plugin
Version: 1.12
Filename: mandrake_MDKSA-2004-017.nasl
Filesize: 3628 bytes
MD5 Hash: bb4d5e6d7c2fef127053f2371caf00cf
Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list
Dependencies: "ssh_get_info.nasl"
Copyright: This script is Copyright© 2004-2012 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack