English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.56590
Kategorie:Mandrake Local Security Checks
Titel:Mandrake Security Advisory MDKSA-2006:025 (net-snmp)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to net-snmp
announced via advisory MDKSA-2006:025.

The fixproc application in Net-SNMP creates temporary files with
predictable file names which could allow a malicious local attacker to
change the contents of the temporary file by exploiting a race
condition, which could possibly lead to the execution of arbitrary
code. As well, a local attacker could create symbolic links in the
/tmp directory that point to a valid file that would then be
overwritten when fixproc is executed (CVE-2005-1740).

A remote Denial of Service vulnerability was also discovered in the
SNMP library that could be exploited by a malicious SNMP server to
crash the agent, if the agent uses TCP sockets for communication
(CVE-2005-2177).

The updated packages have been patched to correct these problems.

Affected: 10.1, 10.2, Corporate 3.0, Multi Network Firewall 2.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:025

Risk factor : Critical

CVSS Score:
10.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2005-1740
BugTraq ID: 13715
http://www.securityfocus.com/bid/13715
http://security.gentoo.org/glsa/glsa-200505-18.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:025
http://www.zataz.net/adviso/net-snmp-05182005.txt
http://www.osvdb.org/16778
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11659
http://www.redhat.com/support/errata/RHSA-2005-373.html
http://www.redhat.com/support/errata/RHSA-2005-395.html
http://securitytracker.com/id?1014039
http://secunia.com/advisories/15471
http://secunia.com/advisories/16999
http://secunia.com/advisories/17135
http://secunia.com/advisories/18635
http://www.vupen.com/english/advisories/2005/0598
Common Vulnerability Exposure (CVE) ID: CVE-2005-2177
BugTraq ID: 14168
http://www.securityfocus.com/bid/14168
BugTraq ID: 21256
http://www.securityfocus.com/bid/21256
Bugtraq: 20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1 (Google Search)
http://www.securityfocus.com/archive/1/451419/100/200/threaded
Bugtraq: 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 (Google Search)
http://www.securityfocus.com/archive/1/451404/100/0/threaded
Bugtraq: 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 (Google Search)
http://www.securityfocus.com/archive/1/451417/100/200/threaded
Bugtraq: 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2 (Google Search)
http://www.securityfocus.com/archive/1/451426/100/200/threaded
Debian Security Information: DSA-873 (Google Search)
http://www.debian.org/security/2005/dsa-873
http://www.net-snmp.org/about/ChangeLog.html
http://sourceforge.net/mailarchive/forum.php?thread_id=7659656&forum_id=12455
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9986
http://www.redhat.com/support/errata/RHSA-2005-720.html
http://securitytracker.com/id?1017273
http://secunia.com/advisories/15930
http://secunia.com/advisories/17007
http://secunia.com/advisories/17217
http://secunia.com/advisories/17282
http://secunia.com/advisories/17343
http://secunia.com/advisories/22875
http://secunia.com/advisories/23058
http://secunia.com/advisories/25373
http://secunia.com/advisories/25432
http://secunia.com/advisories/25787
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102725-1
SuSE Security Announcement: SUSE-SR:2005:024 (Google Search)
http://www.novell.com/linux/security/advisories/2005_24_sr.html
SuSE Security Announcement: SUSE-SR:2007:012 (Google Search)
http://www.novell.com/linux/security/advisories/2007_12_sr.html
SuSE Security Announcement: SUSE-SR:2007:013 (Google Search)
http://www.novell.com/linux/security/advisories/2007_13_sr.html
http://www.trustix.org/errata/2005/0034/
http://www.ubuntu.com/usn/usn-190-1
http://www.vupen.com/english/advisories/2006/4502
http://www.vupen.com/english/advisories/2006/4677
http://www.vupen.com/english/advisories/2007/1883
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.