Security Check Details

USN569-1 : libxml2 vulnerability

Synopsis :

These remote packages are missing security patches :
- libxml2
- libxml2-dbg
- libxml2-dev
- libxml2-doc
- libxml2-utils
- python-libxml2
- python-libxml2-dbg
- python2.4-libxml2


Description :

Brad Fitzpatrick discovered that libxml2 did not correctly handle certain
UTF-8 sequences. If a remote attacker were able to trick a user or
automated system into processing a specially crafted XML document, the
application linked against libxml2 could enter an infinite loop, leading
to a denial of service via CPU resource consumption.

Solution :

Upgrade to :
- libxml2-2.6.30.dfsg-2ubuntu1.1 (Ubuntu 7.10)
- libxml2-dbg-2.6.30.dfsg-2ubuntu1.1 (Ubuntu 7.10)
- libxml2-dev-2.6.30.dfsg-2ubuntu1.1 (Ubuntu 7.10)
- libxml2-doc-2.6.30.dfsg-2ubuntu1.1 (Ubuntu 7.10)
- libxml2-utils-2.6.30.dfsg-2ubuntu1.1 (Ubuntu 7.10)
- python-libxml2-2.6.30.dfsg-2ubuntu1.1 (Ubuntu 7.10)
- python-libxml2-dbg-2.6.30.dfsg-2ubuntu1.1 (Ubuntu 7.10)
- python2.4-libxml2-2.6.24.dfsg-1ubuntu1.1 (Ubuntu 6.06)



Risk factor : High


More at Nessus.org

Web Site Monitoring · Security Scan · Features · FAQ · Pricing · About Us · Contact Us · Site Map