int(514)

Vulnerability Bulletins

Vulnerabilidad en lector de news Pan

Vulnerability classification
Property Value
Confidence level Oficial
Impact Denegación de Servicio
Dificulty Principiante
Required attacker level Acceso remoto sin cuenta a un servicio estandar

System information
Property Value
Affected manufacturer GNU/Linux
Affected software Red Hat Linux 7.1 - i386
Red Hat Linux 7.2 - i386, ia64
Red Hat Linux 7.3 - i386
Red Hat Linux 8.0 - i386
Red Hat Linux 9 - i386

Description
Pan es un lector de news que funciona sobre Gnome/GTK+.

El fallo afecta a las versiones de Pan anteriores a la 0.13.4, y puede causar la caida del sistema al procesar noticias cuya dirección de correo origen es demasiado larga.

Solution


Actualizar software
Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/pan-0.9.7-2.71.src.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/pan-0.9.7-2.71.i386.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/pan-0.11.4-1.src.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/pan-0.11.4-1.i386.rpm
ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/pan-0.11.4-1.ia64.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/pan-0.11.4-1.src.rpm
i386:
ftp://updates.redhat.com/7.3/en/os/i386/pan-0.11.4-1.i386.rpm

Red Hat Linux 8.0:

SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/pan-0.13.4-1.src.rpm
i386:
ftp://updates.redhat.com/8.0/en/os/i386/pan-0.13.4-1.i386.rpm

Red Hat Linux 9:

SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/pan-0.14.2-1.9.src.rpm
i386:
ftp://updates.redhat.com/9/en/os/i386/pan-0.14.2-1.9.i386.rpm

Standar resources
Property Value
CVE CAN-2003-0855
BID

Other resources
RHSA-2003:311-01
http://www.redhat.com/archives/redhat-watch-list/2003-November/msg00013.html

Version history
Version Comments Date
1.0 Aviso emitido 2003-11-25
Ministerio de Defensa
CNI
CCN
CCN-CERT