Debian Project

Debian testing security team - Advisory

DTSA-55-1

Date Reported:
September 1st, 2007
Affected Package:
centerim
Vulnerability:
buffer overflows
Problem-Scope:
remote
Debian-specific:
No
CVE:
CVE-2007-3713

More information:
It was discovered that centerim contains multiple buffer overflows, which could lead
to the execution of arbitrary code.
 
CVE-2007-3713 
 
Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow 
remote attackers to execute arbitrary code via unspecified vectors. 
NOTE: the provenance of this information is unknown; the details are  
obtained solely from third party information. NOTE: this might overlap 
CVE-2007-0160. 

For the testing distribution (lenny) this is fixed in version 4.22.1-2lenny1
For the unstable distribution (sid) this is fixed in version 4.22.1-2.1

This upgrade is recommended if you use centerim.

If you have the secure testing lines in your sources.list, you can update by running this command as root:
apt-get update && apt-get upgrade


To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:

deb http://security.debian.org/ testing/updates main contrib non-free
deb-src http://security.debian.org/ testing/updates main contrib non-free
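
To confirm that the upgrade took effect, the installed centerim version can be compared against the fixed versions listed above. The script below is an added example, not part of the original advisory; the function name `centerim_status` and the script name are hypothetical, and it assumes a system with `dpkg` and `dpkg-query` available.

```shell
#!/bin/sh
# Fixed versions, taken from the advisory text.
FIXED_LENNY='4.22.1-2lenny1'
FIXED_SID='4.22.1-2.1'

# centerim_status SUITE [VERSION]   (hypothetical helper)
# Prints "not-installed", "vulnerable" or "fixed".
# VERSION defaults to the centerim version that dpkg reports as installed.
centerim_status() {
    suite=$1
    version=${2-}
    case $suite in
        lenny) fixed=$FIXED_LENNY ;;
        sid)   fixed=$FIXED_SID ;;
        *)     echo "unknown suite: $suite" >&2; return 2 ;;
    esac
    if [ -z "$version" ]; then
        # Status is e.g. "install ok installed"; removed packages that left
        # config files behind still carry a version, so check the state too.
        info=$(dpkg-query -W -f='${Status} ${Version}' centerim 2>/dev/null || true)
        case $info in
            *' installed '*) version=${info##* } ;;
        esac
    fi
    if [ -z "$version" ]; then
        echo not-installed
    elif dpkg --compare-versions "$version" lt "$fixed"; then
        # dpkg ordering, not string ordering: 4.22.1-2lenny1 sorts below 4.22.1-2.1
        echo vulnerable
    else
        echo fixed
    fi
}

# Run directly as: sh check-centerim.sh lenny
if [ $# -ge 1 ]; then
    centerim_status "$@"
fi
```

Passing an explicit version as the second argument checks a version string from an inventory or package list without querying the local dpkg database.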

