FreeBSD Local Security Checks : FreeBSD Ports: linux-realplayer

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.56447

Kategorie: FreeBSD Local Security Checks

Titel: FreeBSD Ports: linux-realplayer

Zusammenfassung: The remote host is missing an update to the system; as announced in the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: linux-realplayer

CVE-2005-2922
Heap-based buffer overflow in the embedded player in multiple
RealNetworks products and versions including RealPlayer 10.x, RealOne
Player, and Helix Player allows remote malicious servers to cause a
denial of service (crash) and possibly execute arbitrary code via a
chunked Transfer-Encoding HTTP response in which either (1) the chunk
header length is specified as -1, (2) the chunk header with a length
that is less than the actual amount of sent data, or (3) a missing
chunk header.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2005-2922
BugTraq ID: 17202
http://www.securityfocus.com/bid/17202
CERT/CC vulnerability note: VU#172489
http://www.kb.cert.org/vuls/id/172489
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11444
http://www.redhat.com/support/errata/RHSA-2005-762.html
http://www.redhat.com/support/errata/RHSA-2005-788.html
http://securitytracker.com/id?1015808
http://secunia.com/advisories/19358
http://secunia.com/advisories/19365
SuSE Security Announcement: SUSE-SA:2006:018 (Google Search)
http://www.novell.com/linux/security/advisories/2006_18_realplayer.html
http://www.vupen.com/english/advisories/2006/1057
XForce ISS Database: realnetworks-chunked-transferencoding-bo(25409)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25409

Copyright Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.56447
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: linux-realplayer
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: linux-realplayer CVE-2005-2922 Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2922 BugTraq ID: 17202 http://www.securityfocus.com/bid/17202 CERT/CC vulnerability note: VU#172489 http://www.kb.cert.org/vuls/id/172489 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11444 http://www.redhat.com/support/errata/RHSA-2005-762.html http://www.redhat.com/support/errata/RHSA-2005-788.html http://securitytracker.com/id?1015808 http://secunia.com/advisories/19358 http://secunia.com/advisories/19365 SuSE Security Announcement: SUSE-SA:2006:018 (Google Search) http://www.novell.com/linux/security/advisories/2006_18_realplayer.html http://www.vupen.com/english/advisories/2006/1057 XForce ISS Database: realnetworks-chunked-transferencoding-bo(25409) https://exchange.xforce.ibmcloud.com/vulnerabilities/25409
Copyright	Copyright (C) 2008 E-Soft Inc.