Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2007:0208
HistoryMay 02, 2007 - 9:01 a.m.

w3c security update

2007-05-0209:01:09
CentOS Project
lists.centos.org
42

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.8%

JSON

CentOS Errata and Security Advisory CESA-2007:0208

w3c-libwww is a general-purpose web library.

Several buffer overflow flaws in w3c-libwww were found. If a client
application that uses w3c-libwww connected to a malicious HTTP server, it
could trigger an out of bounds memory access, causing the client
application to crash (CVE-2005-3183).

This updated version of w3c-libwww also fixes an issue when computing MD5
sums on a 64 bit machine.

Users of w3c-libwww should upgrade to these updated packages, which contain
backported patches to correct these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-May/075873.html
https://lists.centos.org/pipermail/centos-announce/2007-May/075893.html

Affected packages:
w3c-libwww
w3c-libwww-apps
w3c-libwww-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2007:0208

OSVersionArchitecturePackageVersionFilename
CentOS4ia64w3c-libwww< 5.4.0-10.1.RHEL4.2w3c-libwww-5.4.0-10.1.RHEL4.2.ia64.rpm
CentOS4ia64w3c-libwww-apps< 5.4.0-10.1.RHEL4.2w3c-libwww-apps-5.4.0-10.1.RHEL4.2.ia64.rpm
CentOS4ia64w3c-libwww-devel< 5.4.0-10.1.RHEL4.2w3c-libwww-devel-5.4.0-10.1.RHEL4.2.ia64.rpm
CentOS4s390w3c-libwww< 5.4.0-10.1.RHEL4.2w3c-libwww-5.4.0-10.1.RHEL4.2.s390.rpm
CentOS4s390w3c-libwww-apps< 5.4.0-10.1.RHEL4.2w3c-libwww-apps-5.4.0-10.1.RHEL4.2.s390.rpm
CentOS4s390w3c-libwww-devel< 5.4.0-10.1.RHEL4.2w3c-libwww-devel-5.4.0-10.1.RHEL4.2.s390.rpm
CentOS4s390xw3c-libwww< 5.4.0-10.1.RHEL4.2w3c-libwww-5.4.0-10.1.RHEL4.2.s390x.rpm
CentOS4s390xw3c-libwww-apps< 5.4.0-10.1.RHEL4.2w3c-libwww-apps-5.4.0-10.1.RHEL4.2.s390x.rpm
CentOS4s390xw3c-libwww-devel< 5.4.0-10.1.RHEL4.2w3c-libwww-devel-5.4.0-10.1.RHEL4.2.s390x.rpm

Related

redhat 1
nessus 9
oraclelinux 1
ubuntu 1
cve 1
ubuntucve 1
freebsd 1
redhat
redhat
(RHSA-2007:0208) Low: w3c-libwww security and bug fix update
2007-05-01 00:00:00
nessus
nessus
CentOS 4 : w3c-libwww (CESA-2007:0208)
2013-06-29 00:00:00
Mandrake Linux Security Advisory : w3c-libwww (MDKSA-2005:210)
2006-01-15 00:00:00
Fedora Core 3 : w3c-libwww-5.4.0-10.0.FC3.1 (2005-953)
2005-10-11 00:00:00
oraclelinux
oraclelinux
Low: w3c-libwww security and bug fix update
2007-05-17 00:00:00
ubuntu
ubuntu
w3c-libwww vulnerability
2005-12-01 00:00:00
cve
cve
CVE-2005-3183
2005-10-12 22:02:00
ubuntucve
ubuntucve
CVE-2005-3183
2005-10-12 00:00:00
freebsd
freebsd
libwww -- multiple vulnerabilities
2005-10-12 00:00:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

70.8%

JSON
Related for CESA-2007:0208
redhat1nessus9oraclelinux1ubuntu1cve1ubuntucve1freebsd1