Test Kennung:	1.3.6.1.4.1.25623.1.0.56618
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDKSA-2006:069 (openvpn)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to openvpn announced via advisory MDKSA-2006:069. A vulnerability in OpenVPN 2.0 through 2.0.5 allows a malicious server to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable. Updated packages have been patched to correct this issue by removing setenv support. Affected: 2006.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:069 Risk factor : Critical CVSS Score: 9.0
Querverweis:	BugTraq ID: 17392 Common Vulnerability Exposure (CVE) ID: CVE-2006-1629 http://www.securityfocus.com/bid/17392 Debian Security Information: DSA-1045 (Google Search) http://www.debian.org/security/2006/dsa-1045 http://www.mandriva.com/security/advisories?name=MDKSA-2006:069 http://www.osreviews.net/reviews/security/openvpn-print http://www.osvdb.org/24444 http://secunia.com/advisories/19531 http://secunia.com/advisories/19598 http://secunia.com/advisories/19837 http://secunia.com/advisories/19897 SuSE Security Announcement: SUSE-SR:2006:009 (Google Search) http://www.novell.com/linux/security/advisories/2006_04_28.html http://www.vupen.com/english/advisories/2006/1261 XForce ISS Database: openvpn-ldpreload-code-execution(25667) https://exchange.xforce.ibmcloud.com/vulnerabilities/25667
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.