Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2002:069 (gv/ggv)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50841

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2002:069 (gv/ggv)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to gv/ggv
announced via advisory MDKSA-2002:069.

A buffer overflow was discovered in gv versions 3.5.8 and earlier by
Zen Parse. The problem is triggered by scanning a file and can be
exploited by an attacker sending a malformed PostScript or PDF file.
This would result in arbitrary code being executed with the privilege of
the user viewing the file. ggv uses code derived from gv and has the
same vulnerability. These updates provide patched versions of gv and
ggv to fix the vulnerabilities.

Affected versions: 8.0, 8.1, 8.2, 9.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2002:069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0838

Risk factor : Medium

CVSS Score:
4.6

Referencia Cruzada: BugTraq ID: 5808
Common Vulnerability Exposure (CVE) ID: CVE-2002-0838
http://www.securityfocus.com/bid/5808
Bugtraq: 20020926 Errata: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv (Google Search)
http://marc.info/?l=bugtraq&m=103305778615625&w=2
Bugtraq: 20020926 iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv (Google Search)
http://marc.info/?l=bugtraq&m=103305615613319&w=2
Bugtraq: 20021017 GLSA: ggv (Google Search)
http://marc.info/?l=bugtraq&m=103487806800388&w=2
Caldera Security Advisory: CSSA-2002-053.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-053.0.txt
CERT/CC vulnerability note: VU#600777
http://www.kb.cert.org/vuls/id/600777
Conectiva Linux advisory: CLA-2002:542
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000542
Debian Security Information: DSA-176 (Google Search)
http://www.debian.org/security/2002/dsa-176
Debian Security Information: DSA-179 (Google Search)
http://www.debian.org/security/2002/dsa-179
Debian Security Information: DSA-182 (Google Search)
http://www.debian.org/security/2002/dsa-182
http://www.mandriva.com/security/advisories?name=MDKSA-2002:069
http://www.mandriva.com/security/advisories?name=MDKSA-2002:071
http://www.redhat.com/support/errata/RHSA-2002-207.html
http://www.redhat.com/support/errata/RHSA-2002-212.html
http://www.redhat.com/support/errata/RHSA-2002-220.html
http://www.iss.net/security_center/static/10201.php

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50841
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2002:069 (gv/ggv)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to gv/ggv announced via advisory MDKSA-2002:069. A buffer overflow was discovered in gv versions 3.5.8 and earlier by Zen Parse. The problem is triggered by scanning a file and can be exploited by an attacker sending a malformed PostScript or PDF file. This would result in arbitrary code being executed with the privilege of the user viewing the file. ggv uses code derived from gv and has the same vulnerability. These updates provide patched versions of gv and ggv to fix the vulnerabilities. Affected versions: 8.0, 8.1, 8.2, 9.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2002:069 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0838 Risk factor : Medium CVSS Score: 4.6
Referencia Cruzada:	BugTraq ID: 5808 Common Vulnerability Exposure (CVE) ID: CVE-2002-0838 http://www.securityfocus.com/bid/5808 Bugtraq: 20020926 Errata: iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv (Google Search) http://marc.info/?l=bugtraq&m=103305778615625&w=2 Bugtraq: 20020926 iDEFENSE Security Advisory 09.26.2002: Exploitable Buffer Overflow in gv (Google Search) http://marc.info/?l=bugtraq&m=103305615613319&w=2 Bugtraq: 20021017 GLSA: ggv (Google Search) http://marc.info/?l=bugtraq&m=103487806800388&w=2 Caldera Security Advisory: CSSA-2002-053.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-053.0.txt CERT/CC vulnerability note: VU#600777 http://www.kb.cert.org/vuls/id/600777 Conectiva Linux advisory: CLA-2002:542 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000542 Debian Security Information: DSA-176 (Google Search) http://www.debian.org/security/2002/dsa-176 Debian Security Information: DSA-179 (Google Search) http://www.debian.org/security/2002/dsa-179 Debian Security Information: DSA-182 (Google Search) http://www.debian.org/security/2002/dsa-182 http://www.mandriva.com/security/advisories?name=MDKSA-2002:069 http://www.mandriva.com/security/advisories?name=MDKSA-2002:071 http://www.redhat.com/support/errata/RHSA-2002-207.html http://www.redhat.com/support/errata/RHSA-2002-212.html http://www.redhat.com/support/errata/RHSA-2002-220.html http://www.iss.net/security_center/static/10201.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com