How to Buy
This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote Oracle Linux host is missing a security update.
From Red Hat Security Advisory 2009:1572 :
An updated 4Suite package that fixes one security issue is now
available for Red Hat Enterprise Linux 3 and 4.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
The 4Suite package contains XML-related tools and libraries for
Python, including 4DOM, 4XSLT, 4XPath, 4RDF, and 4XPointer.
A buffer over-read flaw was found in the way 4Suite's XML parser
handles malformed UTF-8 sequences when processing XML files. A
specially crafted XML file could cause applications using the 4Suite
library to crash while parsing the file. (CVE-2009-3720)
Note: In Red Hat Enterprise Linux 3, this flaw only affects a
non-default configuration of the 4Suite package: configurations where
the beta version of the cDomlette module is enabled.
All 4Suite users should upgrade to this updated package, which
contains a backported patch to correct this issue. After installing
the updated package, applications using the 4Suite XML-related tools
and libraries must be restarted for the update to take effect.
See also :
Update the affected 4suite package.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true
Family: Oracle Linux Local Security Checks
Nessus Plugin ID: 67957 ()
Bugtraq ID: 36097
CVE ID: CVE-2009-3720
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.