Test Kennung:	1.3.6.1.4.1.25623.1.0.51551
Kategorie:	Conectiva Local Security Checks
Titel:	Conectiva Security Advisory CLA-2002:542
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory CLA-2002:542. gv is a program which uses the Ghostscript PostScript interpreter to display PostScript and PDF documents under the X Window System. kghostview is a KDE application which does the same. Zen Parse found[1] a buffer overflow vulnerability in gv version 3.5.8 and earlier. kghostview (from kdegraphics versions prior to 3.0.4) is also affected, since it has some code derived from the same project. An attacker can exploit this vulnerability by creating a carefully crafted pdf file that, when opened by gv or kghostview, causes the execution of arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2002-0838 to this issue[2]. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.idefense.com/advisory/09.26.02.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0838 http://www.securityspace.com/smysecure/catid.html?in=CLA-2002:542 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002002 Risk factor : Medium CVSS Score: 4.6
Querverweis:	BugTraq ID: 5808 Common Vulnerability Exposure (CVE) ID: CVE-2002-0838 http://www.securityfocus.com/bid/5808 Bugtraq: 20020926 Errata: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv (Google Search) http://marc.info/?l=bugtraq&m=103305778615625&w=2 Bugtraq: 20020926 iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv (Google Search) http://marc.info/?l=bugtraq&m=103305615613319&w=2 Bugtraq: 20021017 GLSA: ggv (Google Search) http://marc.info/?l=bugtraq&m=103487806800388&w=2 Caldera Security Advisory: CSSA-2002-053.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-053.0.txt CERT/CC vulnerability note: VU#600777 http://www.kb.cert.org/vuls/id/600777 Conectiva Linux advisory: CLA-2002:542 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000542 Debian Security Information: DSA-176 (Google Search) http://www.debian.org/security/2002/dsa-176 Debian Security Information: DSA-179 (Google Search) http://www.debian.org/security/2002/dsa-179 Debian Security Information: DSA-182 (Google Search) http://www.debian.org/security/2002/dsa-182 http://www.mandriva.com/security/advisories?name=MDKSA-2002:069 http://www.mandriva.com/security/advisories?name=MDKSA-2002:071 http://www.redhat.com/support/errata/RHSA-2002-207.html http://www.redhat.com/support/errata/RHSA-2002-212.html http://www.redhat.com/support/errata/RHSA-2002-220.html http://www.iss.net/security_center/static/10201.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.