Mandriva Linux Security Advisory : wordnet (MDVSA-2008:182-1)

Critical Nessus Plugin ID 36999


The remote Mandriva Linux host is missing one or more security updates.


Rob Holland found several programming errors in WordNet which could lead to the execution or arbitrary code when used with untrusted input (CVE-2008-2149, CVE-2008-3908).

Update :

The previous patch had a typo that caused incorrect behaviour in WordNet. This update uses an update patch that corrects the issue and also notes the additional assigned CVE name for these issues.


Update the affected packages.

Plugin Details

Severity: Critical

ID: 36999

File Name: mandriva_MDVSA-2008-182.nasl

Version: $Revision: 1.10 $

Type: local

Published: 2009/04/23

Modified: 2013/06/01

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:lib64wordnet3.0, p-cpe:/a:mandriva:linux:lib64wordnet3.0-devel, p-cpe:/a:mandriva:linux:libwordnet3.0, p-cpe:/a:mandriva:linux:libwordnet3.0-devel, p-cpe:/a:mandriva:linux:wordnet, cpe:/o:mandriva:linux:2008.0, cpe:/o:mandriva:linux:2008.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2008/09/15

Reference Information

CVE: CVE-2008-2149, CVE-2008-3908

MDVSA: 2008:182-1

CWE: 119