Oval Definition:	oval:org.mitre.oval:def:14946
Revision Date: 2014-06-23 Version: 19 Title: DSA-2369-1 libsoup2.4 -- insufficient input sanitisation Description: It was discovered that libsoup2.4, a HTTP library implementation in C, is not properly validating input when processing requests made to SoupServer. A remote attacker can exploit this flaw to access system files via a directory traversal attack. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2011-2524 DSA-2369-1 Platform(s): Debian GNU/kFreeBSD 6.0 Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Product(s): libsoup2.4 Definition Synopsis Release section Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND libsoup2.4 DPKG is earlier than 2.4.1-2+lenny1 OR Release section Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed OR Debian GNU/kFreeBSD is installed AND Installed architecture is all AND libsoup2.4 DPKG is earlier than 2.30.2-1+squeeze1
BACK