Synopsis
The remote host is missing a vendor-supplied security patch
Description
The remote host is missing the patch for the advisory SUSE-SA:2006:037 (freetype2, freetype2-devel).
The freetype2 library renders TrueType fonts for open source projects.
More than 900 packages on SUSE Linux use this library. Therefore the integer overflows in this code found by Josh Bressers and Chris Evans might have a high impact on the security of a desktop system.
The bugs can lead to a remote denial-of-service attack and may lead to remote command execution. The user needs to use a program that uses freetype2 (almost all GUI applications do) and let this program process malicious font data.
Solution
http://www.novell.com/linux/security/advisories/2006_37.freetype.html
Plugin Details
File Name: suse_SA_2006_037.nasl
Agent: unix
Supported Sensors: Nessus Agent, Nessus
Vulnerability Information
Required KB Items: Host/SuSE/rpm-list