
Test ID: 1.3.6.1.4.1.25623.1.0.58027
Category: Trustix Local Security Checks
Title: Trustix Security Advisory TSLSA-2007-0007 (Multiple packages)
Summary: Trustix Security Advisory TSLSA-2007-0007 (Multiple packages)
Description:
The remote host is missing updates announced in
advisory TSLSA-2007-0007.

fetchmail < TSL 3.0 > < TSL 2.2 >
- SECURITY Fix: Fetchmail does not properly enforce TLS and may
transmit cleartext passwords over unsecured links if certain
circumstances occur, which allows remote attackers to obtain
sensitive information via man-in-the-middle (MITM) attacks.
- A vulnerability has been reported in Fetchmail caused due to
a NULL pointer dereference error when rejecting a message sent
to an MDA, which could be exploited by attackers to cause a
denial of service.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-5867 and CVE-2006-5974 to these issues.

gd < TSL 3.0 > < TSL 2.2 >
- SECURITY Fix: Buffer overflow in the gdImageStringFTEx function
in gdft.c in GD Graphics Library allows remote attackers to cause
a denial of service (application crash) and possibly execute
arbitrary code via a crafted string with a JIS encoded font.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-0455 to this issue.

php < TSL 3.0 > < TSL 2.2 >
- New Upstream.
- Includes fix for php out of memory error, Bug #2062.
- Multiple Security fixes.

postgresql < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
- New upstream.
- SECURITY Fix: An unspecified error can be used to suppress certain
checks, which ensure that SQL functions return the correct data
type. This can be exploited to crash the database backend or
disclose potentially sensitive information.
- An unspecified error when changing the data type of a table column
can be exploited to crash the database backend or disclose
potentially sensitive information.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2007-0555 and CVE-2007-0556 to these issues.

samba < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
- New upstream.
- SECURITY Fix: smbd allows remote authenticated users to cause a
denial of service (memory and CPU exhaustion) by renaming a file
in a way that prevents a request from being removed from the
deferred open queue, which triggers an infinite loop.
- Buffer overflow in the nss_winbind.so.1 library, as used in the
winbindd daemon, allows attackers to execute arbitrary code via
the (1) gethostbyname and (2) getipnodebyname functions.
- Format string vulnerability in the afsacl.so VFS module allows
context-dependent attackers to execute arbitrary code via format
string specifiers in a filename on an AFS file system, which is
not properly handled during Windows ACL mapping.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-0452, CVE-2007-0453 and
CVE-2007-0454 to these issues.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2007-0007

Risk factor : Critical
Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2006-5867
Bugtraq: 20070105 fetchmail security announcement 2006-02 (CVE-2006-5867)
http://www.securityfocus.com/archive/1/archive/1/456115/100/0/threaded
Bugtraq: 20070218 Re: [SECURITY] [DSA 1259-1] New fetchmail packages fix information disclosure
http://www.securityfocus.com/archive/1/archive/1/460528/100/0/threaded
http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html
Debian Security Information: DSA-1259
http://www.debian.org/security/2007/dsa-1259
http://fedoranews.org/cms/node/2429
http://security.gentoo.org/glsa/glsa-200701-13.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:016
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.004.html
http://www.redhat.com/support/errata/RHSA-2007-0018.html
SGI Security Advisory: 20070201-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.517995
SuSE Security Announcement: SUSE-SR:2007:004
http://www.novell.com/linux/security/advisories/2007_4_sr.html
http://www.trustix.org/errata/2007/0007
http://www.ubuntu.com/usn/usn-405-1
Cert/CC Advisory: TA07-109A
http://www.us-cert.gov/cas/techalerts/TA07-109A.html
BugTraq ID: 21903
http://www.securityfocus.com/bid/21903
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10566
http://www.vupen.com/english/advisories/2007/0087
http://www.vupen.com/english/advisories/2007/0088
http://www.vupen.com/english/advisories/2007/1470
http://osvdb.org/31580
http://securitytracker.com/id?1017478
http://secunia.com/advisories/23631
http://secunia.com/advisories/23695
http://secunia.com/advisories/23714
http://secunia.com/advisories/23781
http://secunia.com/advisories/23804
http://secunia.com/advisories/23838
http://secunia.com/advisories/23923
http://secunia.com/advisories/24007
http://secunia.com/advisories/24151
http://secunia.com/advisories/24174
http://secunia.com/advisories/24966
http://secunia.com/advisories/24284
Common Vulnerability Exposure (CVE) ID: CVE-2006-5974
Bugtraq: 20070105 fetchmail security announcement 2006-03 (CVE-2006-5974)
http://www.securityfocus.com/archive/1/archive/1/456114/100/0/threaded
BugTraq ID: 21902
http://www.securityfocus.com/bid/21902
http://osvdb.org/31836
http://securitytracker.com/id?1017479
Common Vulnerability Exposure (CVE) ID: CVE-2007-0455
Bugtraq: 20070418 rPSA-2007-0073-1 php php-mysql php-pgsql
http://www.securityfocus.com/archive/1/archive/1/466166/100/0/threaded
http://lists.rpath.com/pipermail/security-announce/2007-February/000145.html
http://fedoranews.org/cms/node/2631
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:035
http://www.mandriva.com/security/advisories?name=MDKSA-2007:036
http://www.mandriva.com/security/advisories?name=MDKSA-2007:038
http://www.mandriva.com/security/advisories?name=MDKSA-2007:109
RedHat Security Advisories: RHSA-2007:0155
http://rhn.redhat.com/errata/RHSA-2007-0155.html
http://www.redhat.com/support/errata/RHSA-2007-0153.html
http://www.redhat.com/support/errata/RHSA-2007-0162.html
http://www.redhat.com/support/errata/RHSA-2008-0146.html
http://www.ubuntu.com/usn/usn-473-1
BugTraq ID: 22289
http://www.securityfocus.com/bid/22289
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11303
http://secunia.com/advisories/42813
http://www.vupen.com/english/advisories/2007/0400
http://secunia.com/advisories/23916
http://secunia.com/advisories/24022
http://secunia.com/advisories/24052
http://secunia.com/advisories/24053
http://secunia.com/advisories/24107
http://secunia.com/advisories/24143
http://secunia.com/advisories/24924
http://secunia.com/advisories/24965
http://secunia.com/advisories/24945
http://secunia.com/advisories/25575
http://secunia.com/advisories/29157
http://www.vupen.com/english/advisories/2011/0022
Common Vulnerability Exposure (CVE) ID: CVE-2007-0555
Bugtraq: 20070206 rPSA-2007-0025-1 postgresql postgresql-server
http://www.securityfocus.com/archive/1/archive/1/459280/100/0/threaded
Bugtraq: 20070208 rPSA-2007-0025-2 postgresql postgresql-server
http://www.securityfocus.com/archive/1/archive/1/459448/100/0/threaded
http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html
Debian Security Information: DSA-1261
http://www.debian.org/security/2007/dsa-1261
http://fedoranews.org/cms/node/2554
http://security.gentoo.org/glsa/glsa-200703-15.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:037
http://www.redhat.com/support/errata/RHSA-2007-0064.html
http://www.redhat.com/support/errata/RHSA-2007-0067.html
http://www.redhat.com/support/errata/RHSA-2007-0068.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1
SuSE Security Announcement: SUSE-SR:2007:010
http://www.novell.com/linux/security/advisories/2007_10_sr.html
http://www.ubuntulinux.org/support/documentation/usn/usn-417-1
http://www.ubuntu.com/usn/usn-417-2
BugTraq ID: 22387
http://www.securityfocus.com/bid/22387
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9739
http://www.vupen.com/english/advisories/2007/0478
http://www.vupen.com/english/advisories/2007/0774
http://osvdb.org/33087
http://securitytracker.com/id?1017597
http://secunia.com/advisories/24033
http://secunia.com/advisories/24028
http://secunia.com/advisories/24057
http://secunia.com/advisories/24050
http://secunia.com/advisories/24042
http://secunia.com/advisories/24094
http://secunia.com/advisories/24158
http://secunia.com/advisories/24315
http://secunia.com/advisories/24513
http://secunia.com/advisories/24577
http://secunia.com/advisories/25220
XForce ISS Database: postgresql-sqlfunctions-info-disclosure(32195)
http://xforce.iss.net/xforce/xfdb/32195
Common Vulnerability Exposure (CVE) ID: CVE-2007-0556
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11353
http://osvdb.org/33302
XForce ISS Database: postgresql-datatype-information-disclosure(32191)
http://xforce.iss.net/xforce/xfdb/32191
Common Vulnerability Exposure (CVE) ID: CVE-2007-0452
Bugtraq: 20070205 [SAMBA-SECURITY] CVE-2007-0452: Potential DoS against smbd in Samba 3.0.6 - 3.0.23d
http://www.securityfocus.com/archive/1/archive/1/459167/100/0/threaded
Bugtraq: 20070207 rPSA-2007-0026-1 samba samba-swat
http://www.securityfocus.com/archive/1/archive/1/459365/100/0/threaded
Debian Security Information: DSA-1257
http://www.debian.org/security/2007/dsa-1257
http://fedoranews.org/cms/node/2579
http://fedoranews.org/cms/node/2580
http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml
HPdes Security Advisory: HPSBUX02204
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00943462
HPdes Security Advisory: SSRT071341
http://www.mandriva.com/security/advisories?name=MDKSA-2007:034
http://www.redhat.com/support/errata/RHSA-2007-0060.html
http://www.redhat.com/support/errata/RHSA-2007-0061.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
SuSE Security Announcement: SUSE-SA:2007:016
http://lists.suse.com/archive/suse-security-announce/2007-Feb/0002.html
http://www.ubuntu.com/usn/usn-419-1
BugTraq ID: 22395
http://www.securityfocus.com/bid/22395
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9758
http://www.vupen.com/english/advisories/2007/0483
http://www.vupen.com/english/advisories/2007/1278
http://osvdb.org/33100
http://securitytracker.com/id?1017587
http://secunia.com/advisories/24021
http://secunia.com/advisories/24060
http://secunia.com/advisories/24030
http://secunia.com/advisories/24067
http://secunia.com/advisories/24101
http://secunia.com/advisories/24046
http://secunia.com/advisories/24145
http://secunia.com/advisories/24076
http://secunia.com/advisories/24140
http://secunia.com/advisories/24188
http://secunia.com/advisories/24792
http://securityreason.com/securityalert/2219
XForce ISS Database: samba-smbd-filerename-dos(32301)
http://xforce.iss.net/xforce/xfdb/32301
Common Vulnerability Exposure (CVE) ID: CVE-2007-0453
Bugtraq: 20070205 [SAMBA-SECURITY] CVE-2007-0453: Buffer overrun in nss_winbind.so.1 on Solaris
http://www.securityfocus.com/archive/1/archive/1/459168/100/0/threaded
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
BugTraq ID: 22410
http://www.securityfocus.com/bid/22410
http://osvdb.org/33098
http://securitytracker.com/id?1017589
http://secunia.com/advisories/24043
XForce ISS Database: samba-winbind-bo(32231)
http://xforce.iss.net/xforce/xfdb/32231
Common Vulnerability Exposure (CVE) ID: CVE-2007-0454
Bugtraq: 20070205 [SAMBA-SECURITY] CVE-2007-0454: Format string bug in afsacl.so VFS plugin
http://www.securityfocus.com/archive/1/archive/1/459179/100/0/threaded
CERT/CC vulnerability note: VU#649732
http://www.kb.cert.org/vuls/id/649732
BugTraq ID: 22403
http://www.securityfocus.com/bid/22403
http://osvdb.org/33101
http://securitytracker.com/id?1017588
XForce ISS Database: samba-afsacl-format-string(32304)
http://xforce.iss.net/xforce/xfdb/32304
Copyright: Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
