7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Several vulnerabilities have been discovered in the software suite for the
SILC protocol, a network protocol designed to provide end-to-end security
for conferencing services. The Common Vulnerabilities and Exposures
project identifies the following problems:
silc-server doesn’t need an update as it uses the shared library provided
by silc-toolkit. silc-client/silc-toolkit in the oldstable distribution
(etch) is not affected by this problem.
For the stable distribution (lenny), this problem has been fixed in
version 1.1.7-2+lenny1 of silc-toolkit and in version 1.1.4-1+lenny1
of silc-client.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 1.1.10-1 of silc-toolkit and version 1.1-2 of silc-client
(using libsilc from silc-toolkit since this upload).
We recommend that you upgrade your silc-toolkit/silc-client packages.
CPE | Name | Operator | Version |
---|---|---|---|
silc-client | eq | 1.1.4-1+lenny1~bpo40+1 | |
silc-client | eq | 1.1.4-1 |