Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2004:009 (glibc)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50647

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2004:009 (glibc)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to glibc
announced via advisory MDKSA-2004:009.

A read buffer overflow vulnerability exists in the resolver code in
versions of glibc up to and including 2.2.5. The vulnerability is
triggered by DNS packets larger than 1024 bytes, which can cause an
application to crash.

The updated packages have a patch applied to correct the problem.

Affected versions: 9.0, Corporate Server 2.1,
Multi Network Firewall 8.2

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1146
http://www.kb.cert.org/vuls/id/738331

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2002-1146
CERT/CC vulnerability note: VU#738331
http://www.kb.cert.org/vuls/id/738331
Conectiva Linux advisory: CLA-2002:535
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535
FreeBSD Security Advisory: FreeBSD-SA-02:42
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:009
NETBSD Security Advisory: NetBSD-SA2002-015
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-015.txt.asc
http://www.redhat.com/support/errata/RHSA-2002-197.html
http://www.redhat.com/support/errata/RHSA-2002-258.html
http://www.redhat.com/support/errata/RHSA-2003-022.html
http://www.redhat.com/support/errata/RHSA-2003-212.html
http://www.iss.net/security_center/static/10295.php

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50647
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:009 (glibc)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to glibc announced via advisory MDKSA-2004:009. A read buffer overflow vulnerability exists in the resolver code in versions of glibc up to and including 2.2.5. The vulnerability is triggered by DNS packets larger than 1024 bytes, which can cause an application to crash. The updated packages have a patch applied to correct the problem. Affected versions: 9.0, Corporate Server 2.1, Multi Network Firewall 8.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:009 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1146 http://www.kb.cert.org/vuls/id/738331 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1146 CERT/CC vulnerability note: VU#738331 http://www.kb.cert.org/vuls/id/738331 Conectiva Linux advisory: CLA-2002:535 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535 FreeBSD Security Advisory: FreeBSD-SA-02:42 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:009 NETBSD Security Advisory: NetBSD-SA2002-015 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-015.txt.asc http://www.redhat.com/support/errata/RHSA-2002-197.html http://www.redhat.com/support/errata/RHSA-2002-258.html http://www.redhat.com/support/errata/RHSA-2003-022.html http://www.redhat.com/support/errata/RHSA-2003-212.html http://www.iss.net/security_center/static/10295.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com