Fedora 8 : adminutil-1.1.7-1.fc8 (2008-7642)
Critical Nessus Plugin ID 34139
SynopsisThe remote Fedora host is missing a security update.
DescriptionFixes these bugs: - CVE-2008-2928 - buffer overflow in Accept-Language parsing 413531 Web browser accepted languages configuration causes dsgw CGI binaries to segfault - improved fix for CVE-2008-2929 XSS issues (originally addressed in 1.1.6), that does not introduce heap overflow in parsing %-encoded inputs (CVE-2008-2932) 245248 dsgw doesn't escape filename in error message 454060 ViewLog CGI crash with new adminutil 1.1.6
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected adminutil package.