Mandrake Linux Security Advisory : dia (MDKSA-2006:062)

Synopsis

The remote Mandrake Linux host is missing a security update.

Description

Three buffer overflows were discovered by infamous41md in dia's xfig import code. They could allow user-complicit attackers to cause an unknown impact via a crafted xfig file, possibly involving an invalid color index, number of points, or depth.

Updated packages have been patched to correct these issues.

Solution

Update the affected dia package.

See Also

http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html

Plugin Details

Severity: High

ID: 21177

File Name: mandrake_MDKSA-2006-062.nasl

Version: 1.16

Type: local

Published: 4/4/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:dia, cpe:/o:mandriva:linux:2006

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 4/3/2006

Reference Information

CVE: CVE-2006-1550

MDKSA: 2006:062