Synopsis
The remote host is missing a vendor-supplied security patch
Description
The remote host is missing the patch for the advisory SUSE-SA:2007:005 (w3m).
A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code.
In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server and Desktop 10 this problem was not exploitable to execute code due to use of the FORTIFY SOURCE extensions.
This problem is tracked by the Mitre CVE ID CVE-2006-6772.
Solution
http://www.novell.com/linux/security/advisories/2007_05_w3m.html
Plugin Details
File Name: suse_SA_2007_005.nasl
Agent: unix
Supported Sensors: Nessus Agent, Nessus
Vulnerability Information
Required KB Items: Host/SuSE/rpm-list