| Beschreibung: | Description:
The remote host is missing updates announced in
advisory TSLSA-2006-0008.
gnupg < TSL 3.0 >
- New Upstream.
- SECURITY Fix: Taviso has reported a verification weakness in gpgv where
some input could lead to gpgv exiting with 0 even if the detached
signature file did not carry any signature.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-0455 to this issue.
gnutls < TSL 3.0 >
- SECURITY Fix: Evgeny Legerov has reported some vulnerabilities in
GnuTLS libtasn1, which potentially can be exploited by malicious
people to cause a DoS. The vulnerabilities are caused due to errors
within the DER decoder in libtasn1. This can be exploited to crash an
application that uses the library via specially-crafted input.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-0645 to this issue.
libtasn1 < TSL 3.0 >
- SECURITY Fix: Evgeny Legerov has reported some vulnerabilities in
libtasn1, which potentially can be exploited by malicious
people to cause a DoS. The vulnerabilities are caused due to errors
within the DER decoder in libtasn1. This can be exploited to crash an
application that uses the library via specially-crafted input.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-0645 to this issue.
postgresql < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
- New Upstream.
- SECURITY Fix: Akio Ishida has reported an error in SET SESSION
AUTHORIZATION command which can be exploited to crash the server
process, if it has been compiled with Asserts enabled.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-0678 to this issue.
Solution:
Update your system with the packages as indicated in
the referenced security advisory.
http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2006-0008
Risk factor : High
CVSS Score:
7.5
|
