SUSE-SA:2007:005: w3m

medium Nessus Plugin ID 24459

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2007:005 (w3m).


A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code.

In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server and Desktop 10 this problem was not exploitable to execute code due to use of the FORTIFY SOURCE extensions.

This problem is tracked by the Mitre CVE ID CVE-2006-6772.

Solution

http://www.novell.com/linux/security/advisories/2007_05_w3m.html

Plugin Details

Severity: Medium

ID: 24459

File Name: suse_SA_2007_005.nasl

Version: 1.10

Agent: unix

Published: 2/18/2007

Updated: 1/14/2021

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list