Test Kennung:	1.3.6.1.4.1.25623.1.0.63559
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2009-069-03)
Zusammenfassung:	The remote host is missing an update for the 'xterm' package(s) announced via the SSA:2009-069-03 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'xterm' package(s) announced via the SSA:2009-069-03 advisory. Vulnerability Insight: New xterm packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [link moved to references] Here are the details from the Slackware 12.2 ChangeLog: +--------------------------+ patches/packages/xterm-241-i486-1_slack12.2.tgz: Upgraded to xterm-241. This fixes a vulnerability where displaying a file containing DECRQSS (Device Control Request Status String) sequences could cause arbitrary commands to be executed as the user running xterm. For more information, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'xterm' package(s) on Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2383 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html BugTraq ID: 33060 http://www.securityfocus.com/bid/33060 Cert/CC Advisory: TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html Debian Security Information: DSA-1694 (Google Search) http://www.debian.org/security/2009/dsa-1694 https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00072.html https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00184.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3E2Q6NPKT7V4VKZMSFF4ARLRVYOG4AU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOOVZTIABA4MIFUGTAVYWO6QXSUXSST4/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9317 http://www.redhat.com/support/errata/RHSA-2009-0018.html http://www.redhat.com/support/errata/RHSA-2009-0019.html http://www.securitytracker.com/id?1021522 http://secunia.com/advisories/33318 http://secunia.com/advisories/33388 http://secunia.com/advisories/33397 http://secunia.com/advisories/33418 http://secunia.com/advisories/33419 http://secunia.com/advisories/33568 http://secunia.com/advisories/33820 http://secunia.com/advisories/35074 http://sunsolve.sun.com/search/document.do?assetkey=1-66-254208-1 SuSE Security Announcement: SUSE-SR:2009:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html SuSE Security Announcement: SUSE-SR:2009:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html https://usn.ubuntu.com/703-1/ http://www.vupen.com/english/advisories/2009/1297 XForce ISS Database: xterm-decrqss-code-execution(47655) https://exchange.xforce.ibmcloud.com/vulnerabilities/47655
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.