SUSE-SA:2007:005: w3m

Medium Nessus Plugin ID 24459


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2007:005 (w3m).

A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code.

In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server and Desktop 10 this problem was not exploitable to execute code due to use of the FORTIFY SOURCE extensions.

This problem is tracked by the Mitre CVE ID CVE-2006-6772.


Plugin Details

Severity: Medium

ID: 24459

File Name: suse_SA_2007_005.nasl

Version: $Revision: 1.5 $

Agent: unix

Published: 2007/02/18

Dependencies: 12634

Risk Information

Risk Factor: Medium

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list