ID de Prueba:	1.3.6.1.4.1.25623.1.0.50514
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:033 (xine-ui)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to xine-ui announced via advisory MDKSA-2004:033. Shaun Colley discovered a temporary file vulnerability in the xine-check script packaged in xine-ui. This problem could allow local attackers to overwrite arbitrary files with the privileges of the user invoking the script. The updated packages change the location of where temporary files are written to prevent this attack. Affected versions: 10.0, 9.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:033 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0372 Risk factor : Medium CVSS Score: 2.1
Referencia Cruzada:	BugTraq ID: 9939 Common Vulnerability Exposure (CVE) ID: CVE-2004-0372 http://www.securityfocus.com/bid/9939 Bugtraq: 20040320 xine-check/xine-bugreport symlink vulnerability. (Google Search) http://marc.info/?l=bugtraq&m=107997911025558&w=2 Debian Security Information: DSA-477 (Google Search) http://www.debian.org/security/2004/dsa-477 http://security.gentoo.org/glsa/glsa-200404-20.xml XForce ISS Database: xine-xinebugreport-xinecheck-symlink(15564) https://exchange.xforce.ibmcloud.com/vulnerabilities/15564
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.