Test Kennung:	1.3.6.1.4.1.25623.1.0.51536
Kategorie:	Conectiva Local Security Checks
Titel:	Conectiva Security Advisory CLA-2002:526
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory CLA-2002:526. XChat is a popular graphical IRC client available in most linux distributions. XChat prior to version 1.8.9 has a vulnerability[1] that may allow a remote attacker to execute arbitrary commands in the IRC client context. The vulnerability resides in the way xchat handles the IRC server response for the /dns command. It passes the response directly to a shell without filtering it. An attacker with administration privileges in the IRC server can insert escaped commands in such a response, which will be executed by the client's shell. Please note that in order to have this vulnerability exploited, the xchat user must be connected to an IRC server where the attacker has administration privileges and must also run the /dns command. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://marc.theaimsgroup.com/?l=bugtraq&m=101725430425490&w=2 http://distro.conectiva.com.br/bugzilla/show_bug.cgi?id=6596 http://www.securityspace.com/smysecure/catid.html?in=CLA-2002:526 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002002 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.