Debian Security Advisory DSA 747-1 (egroupware) Network Vulnerability

Summary

The remote host is missing an update to egroupware announced via advisory DSA 747-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20747-1

Insight

A vulernability has been identified in the xmlrpc library included in the egroupware package. This vulnerability could lead to the execution of arbitrary commands on the server running egroupware. The old stable distribution (woody) did not include egroupware. For the current stable distribution (sarge), this problem is fixed in version 1.0.0.007-2.dfsg-2sarge1. For the unstable distribution (sid), this problem is fixed in version 1.0.0.007-3.dfsg-1. We recommend that you upgrade your egroupware package.

Severity

Classification

CVE CVE-2005-1921
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1082-1 (kernel-2.4.17)
Debian Security Advisory DSA 100-1 (gzip)
Debian Security Advisory DSA 1017-1 (kernel-source-2.6.8)
Debian Security Advisory DSA 096-1 (mutt)
Debian Security Advisory DSA 1046-1 (mozilla)

Take action and discover your vulnerabilities