Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201401-28

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.121125

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201401-28

Resumen: Gentoo Linux Local Security Checks GLSA 201401-28

Descripción: Summary:
Gentoo Linux Local Security Checks GLSA 201401-28

Vulnerability Insight:
Tomboy places a zero-length directory name in the LD_LIBRARY_PATH, which might result in the current working directory (.) to be included when searching for dynamically linked libraries.

Solution:
Update the affected packages to the latest available version.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-4790
BugTraq ID: 25341
http://www.securityfocus.com/bid/25341
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00206.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00913.html
http://security.gentoo.org/glsa/glsa-200711-12.xml
http://security.gentoo.org/glsa/glsa-200801-14.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:064
http://bugs.gentoo.org/show_bug.cgi?id=188806
http://osvdb.org/39577
http://osvdb.org/39578
http://secunia.com/advisories/26480
http://secunia.com/advisories/27608
http://secunia.com/advisories/27621
http://secunia.com/advisories/27799
http://secunia.com/advisories/28339
http://secunia.com/advisories/28672
SuSE Security Announcement: SUSE-SR:2005:022 (Google Search)
http://www.novell.com/linux/security/advisories/2005_22_sr.html
https://usn.ubuntu.com/560-1/
XForce ISS Database: tomboy-ldlibrarypath-privilege-escalation(36054)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36054
Common Vulnerability Exposure (CVE) ID: CVE-2010-4005
http://www.mandriva.com/security/advisories?name=MDVSA-2011:035
SuSE Security Announcement: SUSE-SR:2010:023 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
http://www.vupen.com/english/advisories/2011/0457

Copyright Copyright (C) 2015 Eero Volotinen

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.121125
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201401-28
Resumen:	Gentoo Linux Local Security Checks GLSA 201401-28
Descripción:	Summary: Gentoo Linux Local Security Checks GLSA 201401-28 Vulnerability Insight: Tomboy places a zero-length directory name in the LD_LIBRARY_PATH, which might result in the current working directory (.) to be included when searching for dynamically linked libraries. Solution: Update the affected packages to the latest available version. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-4790 BugTraq ID: 25341 http://www.securityfocus.com/bid/25341 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00206.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00913.html http://security.gentoo.org/glsa/glsa-200711-12.xml http://security.gentoo.org/glsa/glsa-200801-14.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:064 http://bugs.gentoo.org/show_bug.cgi?id=188806 http://osvdb.org/39577 http://osvdb.org/39578 http://secunia.com/advisories/26480 http://secunia.com/advisories/27608 http://secunia.com/advisories/27621 http://secunia.com/advisories/27799 http://secunia.com/advisories/28339 http://secunia.com/advisories/28672 SuSE Security Announcement: SUSE-SR:2005:022 (Google Search) http://www.novell.com/linux/security/advisories/2005_22_sr.html https://usn.ubuntu.com/560-1/ XForce ISS Database: tomboy-ldlibrarypath-privilege-escalation(36054) https://exchange.xforce.ibmcloud.com/vulnerabilities/36054 Common Vulnerability Exposure (CVE) ID: CVE-2010-4005 http://www.mandriva.com/security/advisories?name=MDVSA-2011:035 SuSE Security Announcement: SUSE-SR:2010:023 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html http://www.vupen.com/english/advisories/2011/0457
Copyright	Copyright (C) 2015 Eero Volotinen