Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201401-17

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.121114

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201401-17

Resumen: Gentoo Linux Local Security Checks GLSA 201401-17

Descripción: Summary:
Gentoo Linux Local Security Checks GLSA 201401-17

Vulnerability Insight:
PCSC-Lite contains a stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset Handler (atrhandler.c).

Solution:
Update the affected packages to the latest available version.

CVSS Score:
4.4

CVSS Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-4531
42912
http://secunia.com/advisories/42912
43112
http://secunia.com/advisories/43112
45450
http://www.securityfocus.com/bid/45450
ADV-2010-3264
http://www.vupen.com/english/advisories/2010/3264
ADV-2011-0101
http://www.vupen.com/english/advisories/2011/0101
ADV-2011-0180
http://www.vupen.com/english/advisories/2011/0180
ADV-2011-0256
http://www.vupen.com/english/advisories/2011/0256
DSA-2156
http://www.debian.org/security/2011/dsa-2156
FEDORA-2011-0123
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053095.html
FEDORA-2011-0164
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053079.html
MDVSA-2011:015
http://www.mandriva.com/security/advisories?name=MDVSA-2011:015
[Pcsclite-cvs-commit] 20101103 r5370 - /trunk/PCSC/src/atrhandler.c
http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004923.html
[oss-security] 20101222 CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ]
http://www.openwall.com/lists/oss-security/2010/12/22/7
[oss-security] 20110103 Re: CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ]
http://www.openwall.com/lists/oss-security/2011/01/03/3
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607781
http://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-atr-handler-buffer-overflow_2010-12-13.pdf
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4531

Copyright Copyright (C) 2015 Eero Volotinen

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.121114
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201401-17
Resumen:	Gentoo Linux Local Security Checks GLSA 201401-17
Descripción:	Summary: Gentoo Linux Local Security Checks GLSA 201401-17 Vulnerability Insight: PCSC-Lite contains a stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset Handler (atrhandler.c). Solution: Update the affected packages to the latest available version. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4531 42912 http://secunia.com/advisories/42912 43112 http://secunia.com/advisories/43112 45450 http://www.securityfocus.com/bid/45450 ADV-2010-3264 http://www.vupen.com/english/advisories/2010/3264 ADV-2011-0101 http://www.vupen.com/english/advisories/2011/0101 ADV-2011-0180 http://www.vupen.com/english/advisories/2011/0180 ADV-2011-0256 http://www.vupen.com/english/advisories/2011/0256 DSA-2156 http://www.debian.org/security/2011/dsa-2156 FEDORA-2011-0123 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053095.html FEDORA-2011-0164 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053079.html MDVSA-2011:015 http://www.mandriva.com/security/advisories?name=MDVSA-2011:015 [Pcsclite-cvs-commit] 20101103 r5370 - /trunk/PCSC/src/atrhandler.c http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004923.html [oss-security] 20101222 CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ] http://www.openwall.com/lists/oss-security/2010/12/22/7 [oss-security] 20110103 Re: CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ] http://www.openwall.com/lists/oss-security/2011/01/03/3 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607781 http://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-atr-handler-buffer-overflow_2010-12-13.pdf https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4531
Copyright	Copyright (C) 2015 Eero Volotinen