Conectiva Local Security Checks : Conectiva Security Advisory CLA-2005:925

Preis/Funktionszusammenfassung | Bestellen | Neue Anfälligkeiten | Vertraulichkeit | Anfälligkeiten Suche

Anfälligkeitssuche		Suche in 61204 CVE Beschreibungen und 32582 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.51670

Kategorie: Conectiva Local Security Checks

Titel: Conectiva Security Advisory CLA-2005:925

Zusammenfassung: Conectiva Security Advisory CLA-2005:925

Beschreibung:
The remote host is missing updates announced in
advisory CLA-2005:925.

Evolution[1] is the GNOME mailer, calendar, contact manager and
communications tool.

Max Vozeler discovered an integer overflow[2] in the helper
application camel-lock-helper. A local attacker can cause the helper
to execute arbitrary code only with the current user privileges
privileges via a malicious POP server becose it is not setuid root
neither setgid mail.

For Conectiva Linux 10, Evolution is also having a major upgrade to
2.0.3, as requested by users.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://www.ximian.com/products/ximian_evolution
http://www.securityspace.com/smysecure/catid.html?in=CLA-2005:925
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000925

Risk factor : High

Querverweis: BugTraq ID: 12354
Common Vulnerability Exposure (CVE) ID: CVE-2005-0102
Conectiva Linux advisory: CLA-2005:925
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925
Debian Security Information: DSA-673 (Google Search)
http://www.debian.org/security/2005/dsa-673
http://security.gentoo.org/glsa/glsa-200501-35.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:024
http://www.redhat.com/support/errata/RHSA-2005-238.html
http://www.redhat.com/support/errata/RHSA-2005-397.html
http://www.ubuntulinux.org/support/documentation/usn/usn-69-1
http://www.securityfocus.com/bid/12354
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9616
http://securitytracker.com/id?1012981
http://secunia.com/advisories/13830
XForce ISS Database: evolution-camellockhelper-bo(19031)
http://xforce.iss.net/xforce/xfdb/19031

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 32582 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Registrierung eines neuen Benutzers
Email:

Benutzerkennung:

Passwort:

Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert.

Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.

Datenschutz

Anmeldung für registrierte Benutzer

Benutzerkennung:

Passwort:

Benutzerkennung oder Passwort vergessen?

Email/Benutzerkennung:

Test Kennung:	1.3.6.1.4.1.25623.1.0.51670
Kategorie:	Conectiva Local Security Checks
Titel:	Conectiva Security Advisory CLA-2005:925
Zusammenfassung:	Conectiva Security Advisory CLA-2005:925
Beschreibung:	The remote host is missing updates announced in advisory CLA-2005:925. Evolution[1] is the GNOME mailer, calendar, contact manager and communications tool. Max Vozeler discovered an integer overflow[2] in the helper application camel-lock-helper. A local attacker can cause the helper to execute arbitrary code only with the current user privileges privileges via a malicious POP server becose it is not setuid root neither setgid mail. For Conectiva Linux 10, Evolution is also having a major upgrade to 2.0.3, as requested by users. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.ximian.com/products/ximian_evolution http://www.securityspace.com/smysecure/catid.html?in=CLA-2005:925 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000925 Risk factor : High
Querverweis:	BugTraq ID: 12354 Common Vulnerability Exposure (CVE) ID: CVE-2005-0102 Conectiva Linux advisory: CLA-2005:925 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925 Debian Security Information: DSA-673 (Google Search) http://www.debian.org/security/2005/dsa-673 http://security.gentoo.org/glsa/glsa-200501-35.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:024 http://www.redhat.com/support/errata/RHSA-2005-238.html http://www.redhat.com/support/errata/RHSA-2005-397.html http://www.ubuntulinux.org/support/documentation/usn/usn-69-1 http://www.securityfocus.com/bid/12354 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9616 http://securitytracker.com/id?1012981 http://secunia.com/advisories/13830 XForce ISS Database: evolution-camellockhelper-bo(19031) http://xforce.iss.net/xforce/xfdb/19031
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com