Red Hat Local Security Checks : RedHat Security Advisory RHSA-2003:223

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50970

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2003:223

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2003:223.

Stunnel is a wrapper for network connections. It can be used to tunnel an
unencrypted network connection over a secure connection (encrypted using
SSL or TLS) or to provide a secure means of connecting to services that do
not natively support encryption.

When configured to listen for incoming connections (instead of being
invoked by xinetd), stunnel can be configured to either start a thread or a
child process to handle each new connection. If Stunnel is configured to
start a new child process to handle each connection, it will receive a
SIGCHLD signal when that child exits.

Stunnel versions prior to 4.04 would perform tasks in the SIGCHLD signal
handler which, if interrupted by another SIGCHLD signal, could be unsafe.
This could lead to a denial of service.

All users are urged to upgrade to these errata packages, which modify
stunnel's signal handler so that it is not vulnerable to this issue.

NOTE: After upgrading, any instances of stunnel configured to run in daemon
mode should be restarted, and any active network connections that are
currently being serviced by stunnel should be terminated and reestablished.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2003-223.html
http://marc.theaimsgroup.com/?l=stunnel-users&m=103600188215117

Risk factor : Low

CVSS Score:
1.2

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2002-1563
BugTraq ID: 6592
http://www.securityfocus.com/bid/6592
Bugtraq: 20030112 SIGCHLD problem in Stunnel (Google Search)
http://marc.info/?l=bugtraq&m=104247606910598
Conectiva Linux advisory: CLA-2003:736
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000736
En Garde Linux Advisory: ESA-20030806-020
http://www.linuxsecurity.com/advisories/engarde_advisory-3535.html
http://marc.info/?l=stunnel-users&m=103600188215117&w=2
http://www.redhat.com/support/errata/RHSA-2003-221.html
http://www.redhat.com/support/errata/RHSA-2003-223.html
http://marc.info/?l=bugtraq&m=106029168514511&w=2

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50970
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2003:223
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2003:223. Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over a secure connection (encrypted using SSL or TLS) or to provide a secure means of connecting to services that do not natively support encryption. When configured to listen for incoming connections (instead of being invoked by xinetd), stunnel can be configured to either start a thread or a child process to handle each new connection. If Stunnel is configured to start a new child process to handle each connection, it will receive a SIGCHLD signal when that child exits. Stunnel versions prior to 4.04 would perform tasks in the SIGCHLD signal handler which, if interrupted by another SIGCHLD signal, could be unsafe. This could lead to a denial of service. All users are urged to upgrade to these errata packages, which modify stunnel's signal handler so that it is not vulnerable to this issue. NOTE: After upgrading, any instances of stunnel configured to run in daemon mode should be restarted, and any active network connections that are currently being serviced by stunnel should be terminated and reestablished. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2003-223.html http://marc.theaimsgroup.com/?l=stunnel-users&m=103600188215117 Risk factor : Low CVSS Score: 1.2
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1563 BugTraq ID: 6592 http://www.securityfocus.com/bid/6592 Bugtraq: 20030112 SIGCHLD problem in Stunnel (Google Search) http://marc.info/?l=bugtraq&m=104247606910598 Conectiva Linux advisory: CLA-2003:736 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000736 En Garde Linux Advisory: ESA-20030806-020 http://www.linuxsecurity.com/advisories/engarde_advisory-3535.html http://marc.info/?l=stunnel-users&m=103600188215117&w=2 http://www.redhat.com/support/errata/RHSA-2003-221.html http://www.redhat.com/support/errata/RHSA-2003-223.html http://marc.info/?l=bugtraq&m=106029168514511&w=2
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com