Medium Nessus Plugin ID 24459
SynopsisThe remote host is missing a vendor-supplied security patch
DescriptionThe remote host is missing the patch for the advisory SUSE-SA:2007:005 (w3m).
A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code.
In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server and Desktop 10 this problem was not exploitable to execute code due to use of the FORTIFY SOURCE extensions.
This problem is tracked by the Mitre CVE ID CVE-2006-6772.