Debian Security Advisory DSA 1664-1 (ekg) Network Vulnerability

Summary

The remote host is missing an update to ekg announced via advisory DSA 1664-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201664-1

Insight

It was discovered that ekg, a console Gadu Gadu client performs insufficient input sanitising in the code to parse contact descriptions, which may result in denial of service. For the stable distribution (etch), this problem has been fixed in version 1:1.7~rc2-1etch2. For the unstable distribution (sid) and the upcoming stable distribution (lenny), this problem has been fixed in version 1:1.8~rc1-2 of libgadu. We recommend that you upgrade your ekg package.

Severity

Classification

CVE CVE-2008-4776
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1055-1 (mozilla-firefox)
Debian Security Advisory DSA 1107-1 (gnupg)
Debian Security Advisory DSA 1036-1 (bsdgames)
Debian Security Advisory DSA 1141-1 (gnupg2)
Debian Security Advisory DSA 041-1 (joe)

Take action and discover your vulnerabilities