Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2003:055 (kopete)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50714

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2003:055 (kopete)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to kopete
announced via advisory MDKSA-2003:055.

A vulnerability was discovered in versions of kopete, a KDE instant
messenger client, prior to 0.6.2. This vulnerabiliy is in the GnuPG
plugin that allows for users to send each other GPG-encrypted instant
messages. The plugin passes encrypted messages to gpg, but does no
checking to sanitize the commandline passed to gpg. This can allow
remote users to execute arbitrary code, with the permissions of the
user running kopete, on the local system.

Affected versions: 9.1

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:055
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0256
http://kopete.kde.org/index.php?page=newsstory&news=Kopete_releases_version_0.6.2

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2003-0256
Conectiva Linux advisory: CLA-2003:665
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000665
http://www.mandriva.com/security/advisories?name=MDKSA-2003:055

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50714
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2003:055 (kopete)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to kopete announced via advisory MDKSA-2003:055. A vulnerability was discovered in versions of kopete, a KDE instant messenger client, prior to 0.6.2. This vulnerabiliy is in the GnuPG plugin that allows for users to send each other GPG-encrypted instant messages. The plugin passes encrypted messages to gpg, but does no checking to sanitize the commandline passed to gpg. This can allow remote users to execute arbitrary code, with the permissions of the user running kopete, on the local system. Affected versions: 9.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:055 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0256 http://kopete.kde.org/index.php?page=newsstory&news=Kopete_releases_version_0.6.2 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0256 Conectiva Linux advisory: CLA-2003:665 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000665 http://www.mandriva.com/security/advisories?name=MDKSA-2003:055
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com