aru Posted March 4, 2004 Report Share Posted March 4, 2004 MandrakeSoft Security Advisory MDKSA-2004:017 : pwlib March 3rd, 2004 Updated pwlib packages fix vulnerability The NISCC uncovered bugs in pwlib prior to version 1.6.0 via a test suite for the H.225 protocol. An attacker could trigger these bugs by sending carefully crafted messages to an application that uses pwlib, and the severity would vary based on the application, but likely would result in a Denial of Service (DoS). The updated packages provide backported fixes from Craig Southeren of the OpenH323 project to protect against this issue. The released versions of Mandrake GNU/Linux affected are: 9.1 9.2 9.2/AMD64 Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:017 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2004-0097 Posted automatically by aru (mdksec2mub v0.0.8) Link to comment Share on other sites More sharing options...
Recommended Posts