Mandrake Linux Security Advisory : kdenetwork (MDKSA-2007:009)

medium Nessus Plugin ID 24625

Synopsis

The remote Mandrake Linux host is missing one or more security updates.

Description

KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference.

Updated packages are patched to address this issue.

Solution

Update the affected packages.

Plugin Details

Severity: Medium

ID: 24625

File Name: mandrake_MDKSA-2007-009.nasl

Version: 1.16

Type: local

Published: 2/18/2007

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:kdenetwork, p-cpe:/a:mandriva:linux:kdenetwork-common, p-cpe:/a:mandriva:linux:kdenetwork-kdict, p-cpe:/a:mandriva:linux:kdenetwork-kget, p-cpe:/a:mandriva:linux:kdenetwork-knewsticker, p-cpe:/a:mandriva:linux:kdenetwork-kopete, p-cpe:/a:mandriva:linux:kdenetwork-kopete-latex, p-cpe:/a:mandriva:linux:kdenetwork-kppp, p-cpe:/a:mandriva:linux:kdenetwork-kppp-provider, p-cpe:/a:mandriva:linux:kdenetwork-krfb, p-cpe:/a:mandriva:linux:kdenetwork-ksirc, p-cpe:/a:mandriva:linux:kdenetwork-ktalk, p-cpe:/a:mandriva:linux:kdenetwork-kwifimanager, p-cpe:/a:mandriva:linux:lib64kdenetwork2-common, p-cpe:/a:mandriva:linux:lib64kdenetwork2-common-devel, p-cpe:/a:mandriva:linux:lib64kdenetwork2-kdict, p-cpe:/a:mandriva:linux:lib64kdenetwork2-knewsticker, p-cpe:/a:mandriva:linux:lib64kdenetwork2-kopete, p-cpe:/a:mandriva:linux:lib64kdenetwork2-kopete-devel, p-cpe:/a:mandriva:linux:lib64kdenetwork2-ksirc, p-cpe:/a:mandriva:linux:lib64kdenetwork2-kwifimanager, p-cpe:/a:mandriva:linux:libkdenetwork2-common, p-cpe:/a:mandriva:linux:libkdenetwork2-common-devel, p-cpe:/a:mandriva:linux:libkdenetwork2-kdict, p-cpe:/a:mandriva:linux:libkdenetwork2-knewsticker, p-cpe:/a:mandriva:linux:libkdenetwork2-kopete, p-cpe:/a:mandriva:linux:libkdenetwork2-kopete-devel, p-cpe:/a:mandriva:linux:libkdenetwork2-ksirc, p-cpe:/a:mandriva:linux:libkdenetwork2-kwifimanager, p-cpe:/a:mandriva:linux:lisa, cpe:/o:mandriva:linux:2007

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 1/10/2007

Reference Information

CVE: CVE-2006-6811

MDKSA: 2007:009