Test Kennung:	1.3.6.1.4.1.25623.1.0.64945
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2009:1461
Zusammenfassung:	The remote host is missing updates announced in;advisory RHSA-2009:1461.;;PostgreSQL, MySQL, PHP, and Apache have updates fixing a number of;security issues. For details, please visit the referenced security;advisories.;;All users should upgrade to these updated packages, which resolve these;issues. Users must restart the individual services, including postgresql,;mysqld, and httpd, for this update to take effect.
Beschreibung:	Summary: The remote host is missing updates announced in advisory RHSA-2009:1461. PostgreSQL, MySQL, PHP, and Apache have updates fixing a number of security issues. For details, please visit the referenced security advisories. All users should upgrade to these updated packages, which resolve these issues. Users must restart the individual services, including postgresql, mysqld, and httpd, for this update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4456 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html BugTraq ID: 31486 http://www.securityfocus.com/bid/31486 Bugtraq: 20080930 MySQL command-line client HTML injection vulnerability (Google Search) http://www.securityfocus.com/archive/1/496842/100/0/threaded Bugtraq: 20080930 RE: MySQL command-line client HTML injection vulnerability (Google Search) http://www.securityfocus.com/archive/1/496877/100/0/threaded Bugtraq: 20081004 RE: RE: MySQL command-line client HTML injection vulnerability (Google Search) http://seclists.org/bugtraq/2008/Oct/0026.html Bugtraq: 20081029 Re: MySQL command-line client HTML injection vulnerability (Google Search) http://www.securityfocus.com/archive/1/497158/100/0/threaded http://www.securityfocus.com/archive/1/497885/100/0/threaded Debian Security Information: DSA-1783 (Google Search) http://www.debian.org/security/2009/dsa-1783 http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 http://www.henlich.de/it-security/mysql-command-line-client-html-injection-vulnerability https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11456 http://www.redhat.com/support/errata/RHSA-2009-1289.html http://www.redhat.com/support/errata/RHSA-2010-0110.html http://secunia.com/advisories/32072 http://secunia.com/advisories/34907 http://secunia.com/advisories/36566 http://secunia.com/advisories/38517 http://securityreason.com/securityalert/4357 http://www.ubuntu.com/usn/USN-1397-1 http://ubuntu.com/usn/usn-897-1 XForce ISS Database: mysql-commandline-xss(45590) https://exchange.xforce.ibmcloud.com/vulnerabilities/45590 Common Vulnerability Exposure (CVE) ID: CVE-2009-2446 BugTraq ID: 35609 http://www.securityfocus.com/bid/35609 Bugtraq: 20090708 MySQL <= 5.0.45 post auth format string vulnerability (Google Search) http://www.securityfocus.com/archive/1/504799/100/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2009-07/0058.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:179 http://www.osvdb.org/55734 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11857 http://securitytracker.com/id?1022533 http://secunia.com/advisories/35767 http://www.vupen.com/english/advisories/2009/1857 XForce ISS Database: mysql-dispatchcommand-format-string(51614) https://exchange.xforce.ibmcloud.com/vulnerabilities/51614 Common Vulnerability Exposure (CVE) ID: CVE-2009-2687 BugTraq ID: 35440 http://www.securityfocus.com/bid/35440 Debian Security Information: DSA-1940 (Google Search) http://www.debian.org/security/2009/dsa-1940 HPdes Security Advisory: HPSBUX02543 http://marc.info/?l=bugtraq&m=127680701405735&w=2 HPdes Security Advisory: SSRT100152 http://www.mandriva.com/security/advisories?name=MDVSA-2009:145 http://www.mandriva.com/security/advisories?name=MDVSA-2009:167 http://osvdb.org/55222 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10695 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6655 http://secunia.com/advisories/35441 http://secunia.com/advisories/36462 http://secunia.com/advisories/37482 http://secunia.com/advisories/40262 SuSE Security Announcement: SUSE-SR:2009:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html https://usn.ubuntu.com/824-1/ http://www.vupen.com/english/advisories/2009/1632 XForce ISS Database: php-exifreaddata-dos(51253) https://exchange.xforce.ibmcloud.com/vulnerabilities/51253 Common Vulnerability Exposure (CVE) ID: CVE-2009-3094 AIX APAR: PK96858 http://www-01.ibm.com/support/docview.wss?uid=swg1PK96858 AIX APAR: PM09161 http://www-01.ibm.com/support/docview.wss?uid=swg1PM09161 Bugtraq: 20091124 rPSA-2009-0155-1 httpd mod_ssl (Google Search) http://www.securityfocus.com/archive/1/508075/100/0/threaded Debian Security Information: DSA-1934 (Google Search) http://www.debian.org/security/2009/dsa-1934 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html HPdes Security Advisory: HPSBMU02753 http://marc.info/?l=bugtraq&m=133355494609819&w=2 HPdes Security Advisory: HPSBOV02506 http://marc.info/?l=bugtraq&m=126998684522511&w=2 HPdes Security Advisory: HPSBUX02531 http://marc.info/?l=bugtraq&m=127557640302499&w=2 HPdes Security Advisory: SSRT090244 HPdes Security Advisory: SSRT100108 HPdes Security Advisory: SSRT100782 http://intevydis.com/vd-list.shtml http://www.intevydis.com/blog/?p=59 https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10981 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8087 http://secunia.com/advisories/36549 http://secunia.com/advisories/37152 SuSE Security Announcement: SUSE-SA:2009:050 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html http://www.vupen.com/english/advisories/2010/0609 Common Vulnerability Exposure (CVE) ID: CVE-2009-3095 HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: SSRT090208 https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8662 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9363 Common Vulnerability Exposure (CVE) ID: CVE-2009-3229 BugTraq ID: 36314 http://www.securityfocus.com/bid/36314 Bugtraq: 20100307 rPSA-2010-0012-1 postgresql postgresql-contrib postgresql-server (Google Search) http://www.securityfocus.com/archive/1/509917/100/0/threaded Debian Security Information: DSA-1900 (Google Search) http://www.us.debian.org/security/2009/dsa-1900 https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00305.html https://www.redhat.com/archives/fedora-package-announce/2009-September/msg00307.html HPdes Security Advisory: HPSBMU02781 http://marc.info/?l=bugtraq&m=134124585221119&w=2 HPdes Security Advisory: SSRT100617 http://secunia.com/advisories/36660 http://secunia.com/advisories/36727 http://secunia.com/advisories/36800 http://secunia.com/advisories/36837 http://sunsolve.sun.com/search/document.do?assetkey=1-66-270408-1 SuSE Security Announcement: SUSE-SR:2009:016 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html http://www.ubuntu.com/usn/usn-834-1 Common Vulnerability Exposure (CVE) ID: CVE-2009-3230 http://archives.postgresql.org/pgsql-www/2009-09/msg00024.php https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10166 http://secunia.com/advisories/36695 http://www.vupen.com/english/advisories/2009/2602 Common Vulnerability Exposure (CVE) ID: CVE-2009-3231 Common Vulnerability Exposure (CVE) ID: CVE-2007-6600 BugTraq ID: 27163 http://www.securityfocus.com/bid/27163 Bugtraq: 20080107 PostgreSQL 2007-01-07 Cumulative Security Release (Google Search) http://www.securityfocus.com/archive/1/485864/100/0/threaded Bugtraq: 20080115 rPSA-2008-0016-1 postgresql postgresql-server (Google Search) http://www.securityfocus.com/archive/1/486407/100/0/threaded Debian Security Information: DSA-1460 (Google Search) http://www.debian.org/security/2008/dsa-1460 Debian Security Information: DSA-1463 (Google Search) http://www.debian.org/security/2008/dsa-1463 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html http://security.gentoo.org/glsa/glsa-200801-15.xml HPdes Security Advisory: HPSBTU02325 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154 HPdes Security Advisory: SSRT080006 http://www.mandriva.com/security/advisories?name=MDVSA-2008:004 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10493 http://www.redhat.com/support/errata/RHSA-2008-0038.html http://www.redhat.com/support/errata/RHSA-2008-0039.html http://www.redhat.com/support/errata/RHSA-2008-0040.html http://securitytracker.com/id?1019157 http://secunia.com/advisories/28359 http://secunia.com/advisories/28376 http://secunia.com/advisories/28437 http://secunia.com/advisories/28438 http://secunia.com/advisories/28445 http://secunia.com/advisories/28454 http://secunia.com/advisories/28455 http://secunia.com/advisories/28464 http://secunia.com/advisories/28477 http://secunia.com/advisories/28479 http://secunia.com/advisories/28679 http://secunia.com/advisories/28698 http://secunia.com/advisories/29638 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1 SuSE Security Announcement: SUSE-SA:2008:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html https://usn.ubuntu.com/568-1/ http://www.vupen.com/english/advisories/2008/0061 http://www.vupen.com/english/advisories/2008/0109 http://www.vupen.com/english/advisories/2008/1071/references XForce ISS Database: postgresql-indexfunctions-priv-escalation(39496) https://exchange.xforce.ibmcloud.com/vulnerabilities/39496
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.