SUSE-SA:2005:015: openslp

Medium Nessus Plugin ID 17325


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2005:015 (openslp).

The SUSE Security Team reviewed critical parts of the OpenSLP package, an open source implementation of the Service Location Protocol (SLP).
SLP is used by Desktops to locate certain services such as printers and by servers to announce their services.
During the audit, various buffer overflows and out of bounds memory access have been fixed which can be triggered by remote attackers by sending malformed SLP packets.


Plugin Details

Severity: Medium

ID: 17325

File Name: suse_SA_2005_015.nasl

Version: $Revision: 1.4 $

Agent: unix

Published: 2005/03/15

Dependencies: 12634

Risk Information

Risk Factor: Medium

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list