 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.68862 |
| Kategorie: | Mandrake Local Security Checks |
| Titel: | Mandriva Security Advisory MDVSA-2011:023 (proftpd) |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing an update to proftpd announced via advisory MDVSA-2011:023. A vulnerability has been found and corrected in proftpd: Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query (CVE-2010-4652). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:023 Risk factor : High CVSS Score: 6.8 |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-4652 44933 http://www.securityfocus.com/bid/44933 ADV-2011-0248 http://www.vupen.com/english/advisories/2011/0248 ADV-2011-0331 http://www.vupen.com/english/advisories/2011/0331 DSA-2191 http://www.debian.org/security/2011/dsa-2191 FEDORA-2011-0610 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053540.html FEDORA-2011-0613 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053537.html MDVSA-2011:023 http://www.mandriva.com/security/advisories?name=MDVSA-2011:023 http://bugs.proftpd.org/show_bug.cgi?id=3536 http://phrack.org/issues.html?issue=67&id=7#article http://proftpd.org/docs/RELEASE_NOTES-1.3.3d https://bugzilla.redhat.com/show_bug.cgi?id=670170 |
| Copyright | Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |