Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201406-24

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.121227

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201406-24

Resumen: Gentoo Linux Local Security Checks GLSA 201406-24

Descripción: Summary:
Gentoo Linux Local Security Checks GLSA 201406-24

Vulnerability Insight:
When used with certain libvirt configurations Dnsmasq replies to queries from prohibited interfaces.

Solution:
Update the affected packages to the latest available version.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-3411
54353
http://www.securityfocus.com/bid/54353
MDVSA-2013:072
http://www.mandriva.com/security/advisories?name=MDVSA-2013:072
RHSA-2013:0276
http://rhn.redhat.com/errata/RHSA-2013-0276.html
RHSA-2013:0277
http://rhn.redhat.com/errata/RHSA-2013-0277.html
RHSA-2013:0579
http://rhn.redhat.com/errata/RHSA-2013-0579.html
[oss-security] 20120712 Re: Re: CVE Request -- dnsmasq: When being run by libvirt open DNS proxy (reachable out-of the virtual network set for the particular guest domain too) is created
http://www.openwall.com/lists/oss-security/2012/07/12/5
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0
http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
https://bugzilla.redhat.com/show_bug.cgi?id=833033
Common Vulnerability Exposure (CVE) ID: CVE-2013-0198
[oss-security] 20130118 CVE Request -- dnsmasq: Incomplete fix for the CVE-2012-3411 issue
http://www.openwall.com/lists/oss-security/2013/01/18/2
[oss-security] 20130118 Re: CVE Request -- dnsmasq: Incomplete fix for the CVE-2012-3411 issue
http://www.openwall.com/lists/oss-security/2013/01/18/7
http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6
https://bugzilla.redhat.com/show_bug.cgi?id=894486

Copyright Copyright (C) 2015 Eero Volotinen

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.121227
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201406-24
Resumen:	Gentoo Linux Local Security Checks GLSA 201406-24
Descripción:	Summary: Gentoo Linux Local Security Checks GLSA 201406-24 Vulnerability Insight: When used with certain libvirt configurations Dnsmasq replies to queries from prohibited interfaces. Solution: Update the affected packages to the latest available version. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3411 54353 http://www.securityfocus.com/bid/54353 MDVSA-2013:072 http://www.mandriva.com/security/advisories?name=MDVSA-2013:072 RHSA-2013:0276 http://rhn.redhat.com/errata/RHSA-2013-0276.html RHSA-2013:0277 http://rhn.redhat.com/errata/RHSA-2013-0277.html RHSA-2013:0579 http://rhn.redhat.com/errata/RHSA-2013-0579.html [oss-security] 20120712 Re: Re: CVE Request -- dnsmasq: When being run by libvirt open DNS proxy (reachable out-of the virtual network set for the particular guest domain too) is created http://www.openwall.com/lists/oss-security/2012/07/12/5 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372 http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147 http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0 http://www.thekelleys.org.uk/dnsmasq/CHANGELOG https://bugzilla.redhat.com/show_bug.cgi?id=833033 Common Vulnerability Exposure (CVE) ID: CVE-2013-0198 [oss-security] 20130118 CVE Request -- dnsmasq: Incomplete fix for the CVE-2012-3411 issue http://www.openwall.com/lists/oss-security/2013/01/18/2 [oss-security] 20130118 Re: CVE Request -- dnsmasq: Incomplete fix for the CVE-2012-3411 issue http://www.openwall.com/lists/oss-security/2013/01/18/7 http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6 https://bugzilla.redhat.com/show_bug.cgi?id=894486
Copyright	Copyright (C) 2015 Eero Volotinen