Package: nuauth Version: 1.0.16-1 Severity: normal Tags: security
Good day, Quoting http://www.nufw.org/+NuFW-1-21-minor-security-fix+.html : | This release fixes an issue related to a misuse of GnuTLS. An | authenticated user using a specially modified client could by generating | a lot of network traffic hang after a long delay one thread of the | authentication server. This could cause nuauth to disfunction till the | system destroys the concerned socket. In extreme cases this could lead | to a denial of service on the authentication server. This is CVE-2006-0956, please mention it in the changelog when fixing it. Regards. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-2-686 Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
