Debian Security Advisory DSA 1626-1 (httrack) Network Vulnerability

Summary

The remote host is missing an update to httrack announced via advisory DSA 1626-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201626-1

Insight

Joan Calvet discovered that httrack, a utility to create local copies of websites, is vulnerable to a buffer overflow potentially allowing to execute arbitrary code when passed excessively long URLs. For the stable distribution (etch), this problem has been fixed in version 3.40.4-3.1+etch1. For the testing (lenny) and unstable distribution (sid), this problem has been fixed in version 3.42.3-1. We recommend that you upgrade your httrack package.

Severity

Classification

CVE CVE-2008-3429
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1010-1 (ilohamail)
Debian Security Advisory DSA 077-1 (squid)
Debian Security Advisory DSA 1147-1 (drupal)
Debian Security Advisory DSA 1077-1 (lynx-ssl)
Debian Security Advisory DSA 1001-1 (crossfire)

Take action and discover your vulnerabilities