 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.51421 |
| Kategorie: | Conectiva Local Security Checks |
| Titel: | Conectiva Security Advisory CLA-2003:648 |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing updates announced in advisory CLA-2003:648. Evolution is a Gnome-based personal information manager (PIM). It includes email, address book, calendar and other integrated features. Core Security Technologies found[1] several vulnerabilities in Evolution <= 1.2.2 and in the gtkhtml library (which is used by Evolution and other gnome programs to render basic HTML). These vulnerabilities can be exploited by remote attackers (using specially crafted e-mails) to crash evolution, cause general system instability through resource starvation or to bypass some security restrictions. The Common Vulnerabilities and Exposures (CVE) project has assigned the names CVE-2003-0128, CVE-2003-0129 and CVE-2003-0130 to the issues[2,3,4] discovered. In Conectiva Linux 7.0 and 8, Evolution is being upgraded to the 1.0.3 version with patches to fix the vulnerabilities. Note that in order to upgrade Evolution in Conectiva Linux 7.0, several packages had to be added (Gnome components necessary to run the 1.0.3 version of Evolution that were not distributed with Conectiva Linux 7.0). These packages are included in this update. The Evolution package distributed with Conectiva Linux 9 (evolution-1.2.2-28320cl) already has the fixes for its vulnerabilities [2,3]. For this version of Conectiva Linux, only the fix for the gtkhml vulnerability[4] is included. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0128 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0129 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0130 http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:648 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : Medium CVSS Score: 5.0 |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2003-0128 BugTraq ID: 7117 http://www.securityfocus.com/bid/7117 Bugtraq: 20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's Evolution Mail User Agent (Google Search) http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0141.html Bugtraq: 20030321 GLSA: evolution (200303-18) (Google Search) http://marc.info/?l=bugtraq&m=104826470527308&w=2 Conectiva Linux advisory: CLA-2003:648 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000648 http://www.gentoo.org/security/en/glsa/glsa-200303-18.xml http://www.mandriva.com/security/advisories?name=MDKSA-2003:045 http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A107 http://www.redhat.com/support/errata/RHSA-2003-108.html Common Vulnerability Exposure (CVE) ID: CVE-2003-0129 BugTraq ID: 7118 http://www.securityfocus.com/bid/7118 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A108 Common Vulnerability Exposure (CVE) ID: CVE-2003-0130 BugTraq ID: 7119 http://www.securityfocus.com/bid/7119 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A111 |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |