-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here are the CVEs for the ekg package:
> 2661: A memory leak in handling image messages, which may cause memory > exhaustion resulting in a DoS (ekg program crash). Exploitable by a > hostile GG user. Use CVE-2007-1663 > 2694: off-by-one in token OCR function, which may cause a null pointer > dereference resulting in a DoS (ekg program crash). Exploitable by MiTM > (hostile HTTP proxy or TCP stream injection) or a hostile GG server. Use CVE-2007-1664 > 2699: potential memory exhaust in token OCR function, which may cause > memory exhaustion resulting in a DoS (ekg program crash). Exploitability > same as in 2694. Use CVE-2007-1665 Micah -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGBgSY9n4qXRzy1ioRArsbAJ9GkTnA37BNM+8Ft1dVDSghdPj2mACgk7B8 4AUdBbcpFcYCV+IVvRE9Vmc= =RsZY -----END PGP SIGNATURE----- _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
