Test ID:	1.3.6.1.4.1.25623.1.0.53819
Category:	Debian Local Security Checks
Title:	Debian Security Advisory DSA 069-1 (xloadimage)
Summary:	The remote host is missing an update to xloadimage;announced via advisory DSA 069-1.
Description:	Summary: The remote host is missing an update to xloadimage announced via advisory DSA 069-1. Vulnerability Insight: The version of xloadimage (a graphics files viewer for X) that was shipped in Debian GNU/Linux 2.2 has a buffer overflow in the code that handles FACES format images. This could be exploited by an attacker by tricking someone into viewing a specially crafted image using xloadimage which would allow him to execute arbitrary code. This problem was fixed in version 4.1-5potato1. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2001-0775 BugTraq ID: 3006 http://www.securityfocus.com/bid/3006 Bugtraq: 20010710 xloadimage remote exploit - tstot.c (Google Search) http://www.securityfocus.com/archive/1/195823 Debian Security Information: DSA-069 (Google Search) http://www.debian.org/security/2001/dsa-069 Debian Security Information: DSA-695 (Google Search) http://www.debian.org/security/2005/dsa-695 http://www.gentoo.org/security/en/glsa/glsa-200503-05.xml http://www.redhat.com/support/errata/RHSA-2001-088.html SuSE Security Announcement: SA:2001:024 (Google Search) http://www.novell.com/linux/security/advisories/2001_024_xli_txt.html http://www.iss.net/security_center/static/6821.php
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.