Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Gentoo: GLSA-201401-15 Normal: nginx Information Disclosure Vulnerability

gentoo
Calendar Grey January 12, 2007
Dist Gentoo Esm H88
Discover the high-severity vulnerability in w3m's SSL certificate handling that allows potential code execution or DoS stress on systems, and learn how to patch it
w3m does not correctly handle format string specifiers in SSL certificates.

Summary

Gentoo Linux Security Advisory GLSA 200701-06 https://security.gentoo.org/ Severity: Normal Title: w3m: Format string vulnerability Date: January 12, 2007 Bugs: #159145 ID: 200701-06

Synopsis ======= w3m does not correctly handle format string specifiers in SSL certificates.
Background ========= w3m is a multi-platform text-based web browser.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/w3m < 0.5.1-r4 >= 0.5.1-r4
========== w3m in -dump or -backend mode does not correctly handle printf() format string specifiers in the Common Name (CN) field of an X.509 SSL certificate.
Impact ===== An attacker could entice a user to visit a malicious website ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo format string vulnerability w3m SSL certificate normal severity

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns


Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/70427_4c9dbbdde36eef04251a4ced7eac4df9 on line 11

Topics%20covered

Topics Covered

security advisory gentoo format string vulnerability w3m SSL certificate normal severity

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here