openSUSE Security Update : radvd (openSUSE-SU-2011:1247-1)
High Nessus Plugin ID 75724
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update of radvd fixes the following security flaws :
- arbitrary file overwrite flaw through unsanitized interface names (CVE-2011-3602),
- missing return value checks in privsep_init() which could cause radvd to keep running with root privileges (CVE-2011-3603),
- buffer overread flaws in the process_ra() function (CVE-2011-3604),
- temporary denial of service flaw triggered with a flood of ND_ROUTER_SOLICIT (CVE-2011-3605)
SolutionUpdate the affected radvd package.