Lucene search
Debian Security Advisory DSA 040-1 (slrn)
🗓️ 17 Jan 2008 00:00:00Reported by Copyright (C) 2008 E-Soft Inc.Type 
openvas🔗 plugins.openvas.org👁 11 Views
Debian Security Advisory DSA 040-1 (slrn) update available for slr
Show more
| Reporter | Title | Published | Views | Family All 6 |
|---|---|---|---|---|
| Debian Security Advisory DSA 040-1 (slrn) | 17 Jan 200800:00 | – | openvas |
 | CVE-2001-0441 | 27 Jun 200104:00 | – | nvd |
 | Mandrake Linux Security Advisory : slrn (MDKSA-2001:028) | 6 Sep 201200:00 | – | nessus |
| Debian DSA-040-1 : slrn - buffer overflow | 29 Sep 200400:00 | – | nessus |
 | CVE-2001-0441 | 24 May 200104:00 | – | cvelist |
 | CVE-2001-0441 | 27 Jun 200104:00 | – | cve |
| Source | Link |
|---|---|
| secure1 | www.secure1.securityspace.com/smysecure/catid.html |
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53801");
script_cve_id("CVE-2001-0441");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2008-01-17 14:24:38 +0100 (Thu, 17 Jan 2008)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Debian Security Advisory DSA 040-1 (slrn)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB2\.2");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20040-1");
script_tag(name:"insight", value:"Bill Nottingham reported a problem in the wrapping/unwrapping
functions of the slrn newsreader. A long header in a message
might overflow a buffer and which could result into executing
arbitrary code encoded in the message.
The default configuration does not have wrapping enable, but it
can easily be enabled either by changing the configuration or
pressing W while viewing a message.
This has been fixed in version 0.9.6.2-9potato1 and we recommend
that you upgrade your slrn package immediately.");
script_tag(name:"summary", value:"The remote host is missing an update to slrn
announced via advisory DSA 040-1.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"slrn", ver:"0.9.6.2-9potato1", rls:"DEB2.2")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"slrnpull", ver:"0.9.6.2-9potato1", rls:"DEB2.2")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo17 Jan 2008 00:00Current
7.2High risk
Vulners AI Score7.2
CVSS27.5
EPSS0.01437