Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2004:032 (libneon)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50512

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2004:032 (libneon)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to libneon
announced via advisory MDKSA-2004:032.

A number of various format string vulnerabilities were discovered in
the error output handling of Neon, the HTTP and WebDAV client library,
by Thomas Wana. These problems affect all versions of Neon from 0.19.0
up to and including 0.24.4.

All users are encouraged to upgrade. All client software using this
library is affected.

Affected versions: 10.0, 9.2

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0179

Risk factor : High

CVSS Score:
5.1

Referencia Cruzada: BugTraq ID: 10136
Common Vulnerability Exposure (CVE) ID: CVE-2004-0179
http://www.securityfocus.com/bid/10136
Bugtraq: 20040416 [OpenPKG-SA-2004.016] OpenPKG Security Advisory (neon) (Google Search)
http://marc.info/?l=bugtraq&m=108213873203477&w=2
Bugtraq: 20040416 void.at - neon format string bugs (Google Search)
http://marc.info/?l=bugtraq&m=108214147022626&w=2
Debian Security Information: DSA-487 (Google Search)
http://www.debian.org/security/2004/dsa-487
https://bugzilla.fedora.us/show_bug.cgi?id=1552
http://security.gentoo.org/glsa/glsa-200405-01.xml
http://security.gentoo.org/glsa/glsa-200405-04.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:032
http://www.osvdb.org/5365
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1065
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10913
http://www.redhat.com/support/errata/RHSA-2004-157.html
http://www.redhat.com/support/errata/RHSA-2004-158.html
http://www.redhat.com/support/errata/RHSA-2004-159.html
http://www.redhat.com/support/errata/RHSA-2004-160.html
http://secunia.com/advisories/11363
SGI Security Advisory: 20040404-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc
SuSE Security Announcement: SuSE-SA:2004:008 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html
SuSE Security Announcement: SuSE-SA:2004:009 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50512
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:032 (libneon)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to libneon announced via advisory MDKSA-2004:032. A number of various format string vulnerabilities were discovered in the error output handling of Neon, the HTTP and WebDAV client library, by Thomas Wana. These problems affect all versions of Neon from 0.19.0 up to and including 0.24.4. All users are encouraged to upgrade. All client software using this library is affected. Affected versions: 10.0, 9.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:032 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0179 Risk factor : High CVSS Score: 5.1
Referencia Cruzada:	BugTraq ID: 10136 Common Vulnerability Exposure (CVE) ID: CVE-2004-0179 http://www.securityfocus.com/bid/10136 Bugtraq: 20040416 [OpenPKG-SA-2004.016] OpenPKG Security Advisory (neon) (Google Search) http://marc.info/?l=bugtraq&m=108213873203477&w=2 Bugtraq: 20040416 void.at - neon format string bugs (Google Search) http://marc.info/?l=bugtraq&m=108214147022626&w=2 Debian Security Information: DSA-487 (Google Search) http://www.debian.org/security/2004/dsa-487 https://bugzilla.fedora.us/show_bug.cgi?id=1552 http://security.gentoo.org/glsa/glsa-200405-01.xml http://security.gentoo.org/glsa/glsa-200405-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:032 http://www.osvdb.org/5365 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1065 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10913 http://www.redhat.com/support/errata/RHSA-2004-157.html http://www.redhat.com/support/errata/RHSA-2004-158.html http://www.redhat.com/support/errata/RHSA-2004-159.html http://www.redhat.com/support/errata/RHSA-2004-160.html http://secunia.com/advisories/11363 SGI Security Advisory: 20040404-01-U ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc SuSE Security Announcement: SuSE-SA:2004:008 (Google Search) http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html SuSE Security Announcement: SuSE-SA:2004:009 (Google Search) http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com