Debian Security Advisory DSA 678-1 (netkit-rwho) Network Vulnerability

Summary

The remote host is missing an update to netkit-rwho announced via advisory DSA 678-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20678-1

Insight

Vlad902 discovered a vulnerability in the rwhod program that can be used to crash the listening process. The broadcasting one is unaffected. This vulnerability only affects little endian architectures (i.e. on Debian: alpha, arm, alpha, ia64, i386, mipsel and s390). For the stable distribution (woody) this problem has been fixed in version 0.17-4woody2. For the unstable distribution (sid) this problem has been fixed in version 0.17-8. We recommend that you upgrade your rwhod package.

Severity

Classification

CVE CVE-2004-1180
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1111-1 (kernel-source-2.6.8 et. al.)
Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
Debian Security Advisory DSA 1056-1 (webcalendar)
Debian Security Advisory DSA 1053-1 (mozilla)

Take action and discover your vulnerabilities