The OpenVAS developers have just released an important security release
for the Open Vulnerability Assessment System release series 8

The following package was released:
- Greenbone Security Assistant 6.0.9.

We highly recommend to update your OpenVAS installation to the version
listed above as soon as possible.

It has been identified that Greenbone Security Assistant (GSA) is
vulnerable to a denial-of-service attack due to a improper handling of
UTF-8 in GET and POST requests. Given the attacker has access to a GSA
web interface, a respective HTTP request can crash gsad.

For details and current information on this vulnerability please refer
to the following page on the OpenVAS website:


The source tarballs for the releases are available for download from the
OpenVAS website at:


This page contains signatures and checksums for the source tarballs as

You can find links to the latest source tarballs for all currently
maintained releases here:


Binary packages for major GNU/Linux distributions by third parties are
expected to follow soon.


Michael Wiegand

Michael Wiegand |  Greenbone Networks GmbH  |  http://www.greenbone.net/
Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner

Attachment: pgpbwgxw7IcOa.pgp
Description: PGP signature

Openvas-announce mailing list

Reply via email to