aru Posted November 24, 2005 Share Posted November 24, 2005 Mandriva Advisories MDKSA-2005:210 : w3c-libwww Updated w3c-libwww packages fixes DoS vulnerability. November 9th, 2005 Sam Varshavchik discovered theHTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read. The updated packages have been patched to address this issue. The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:210 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3183 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts