Test Kennung:	1.3.6.1.4.1.25623.1.0.59661
Kategorie:	Trustix Local Security Checks
Titel:	Trustix Security Advisory TSLSA-2007-0028 (fetchmail, quagga)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory TSLSA-2007-0028. fetchmail < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 > - SECURITY Fix: An error exists in fetchmail which allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-4565 to this issue. quagga < TSL 3.0.5 > < TSL 3.0 > - New Upstream. - SECURITY Fix: A vulnerability have been reported in Quagga, caused due to bgpd improperly handling messages sent by peers. This can be exploited to crash bgpd by sending a specially crafted OPEN message with an invalid message length or an invalid parameter length, or a specially crafted UPDATE message with a malformed COMMUNITY attribute. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-4826 to this issue. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2007-0028 Risk factor : Medium CVSS Score: 5.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4565 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html BugTraq ID: 25495 http://www.securityfocus.com/bid/25495 Bugtraq: 20070907 FLEA-2007-0053-1 fetchmail (Google Search) http://www.securityfocus.com/archive/1/478798/100/0/threaded Bugtraq: 20080617 fetchmail security announcement fetchmail-SA-2007-02 (CVE-2007-4565) (Google Search) http://www.securityfocus.com/archive/1/493388/100/0/threaded Debian Security Information: DSA-1377 (Google Search) http://www.debian.org/security/2007/dsa-1377 http://www.mandriva.com/security/advisories?name=MDKSA-2007:179 http://osvdb.org/45833 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10528 http://www.securitytracker.com/id?1018627 http://secunia.com/advisories/27399 http://secunia.com/advisories/33937 http://securityreason.com/securityalert/3074 SuSE Security Announcement: SUSE-SR:2007:022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://www.trustix.org/errata/2007/0028/ http://www.ubuntu.com/usn/usn-520-1 http://www.vupen.com/english/advisories/2007/3032 http://www.vupen.com/english/advisories/2009/0422 XForce ISS Database: fetchmail-warning-dos(36385) https://exchange.xforce.ibmcloud.com/vulnerabilities/36385 Common Vulnerability Exposure (CVE) ID: CVE-2007-4826 2007-0028 236141 http://sunsolve.sun.com/search/document.do?assetkey=1-26-236141-1 25634 http://www.securityfocus.com/bid/25634 26744 http://secunia.com/advisories/26744 26829 http://secunia.com/advisories/26829 26863 http://secunia.com/advisories/26863 27049 http://secunia.com/advisories/27049 29743 http://secunia.com/advisories/29743 ADV-2007-3129 http://www.vupen.com/english/advisories/2007/3129 ADV-2008-1195 http://www.vupen.com/english/advisories/2008/1195/references DSA-1382 http://www.debian.org/security/2007/dsa-1382 FEDORA-2007-2196 http://fedoranews.org/updates/FEDORA-2007-219.shtml MDKSA-2007:182 http://www.mandriva.com/security/advisories?name=MDKSA-2007:182 RHSA-2010:0785 http://www.redhat.com/support/errata/RHSA-2010-0785.html USN-512-1 http://www.ubuntu.com/usn/usn-512-1 [debian-security-announce] 20071003 [SECURITY] [DSA 1379-1] New quagga packages fix denial of service http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00153.html http://quagga.net/news2.php?y=2007&m=9&d=7#id1189190760 http://www.quagga.net/download/quagga-0.99.9.changelog.txt quagga-bgpd-dos(36551) https://exchange.xforce.ibmcloud.com/vulnerabilities/36551
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.