ID de Prueba:	1.3.6.1.4.1.25623.1.0.121039
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201310-01
Resumen:	Gentoo Linux Local Security Checks GLSA 201310-01
Descripción:	Summary: Gentoo Linux Local Security Checks GLSA 201310-01 Vulnerability Insight: The cpansign verify command will automatically download keys and use them to check the signature of CPAN packages via the SIGNATURE file. If an attacker were to replace this (SHA1) with a special unknown cipher (e.g. Special) and were to include in the distribution a Digest/Special.pm, the code in this Perl module would be executed when cpansign -verify is run. Solution: Update the affected packages to the latest available version. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2145 BugTraq ID: 60352 http://www.securityfocus.com/bid/60352 https://bugzilla.redhat.com/show_bug.cgi?id=971096 http://www.openwall.com/lists/oss-security/2013/06/05/16 SuSE Security Announcement: openSUSE-SU-2013:1178 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-07/msg00039.html SuSE Security Announcement: openSUSE-SU-2013:1185 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-07/msg00043.html http://www.ubuntu.com/usn/USN-1896-1
Copyright	Copyright (C) 2015 Eero Volotinen

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.