ID de Prueba:	1.3.6.1.4.1.25623.1.0.51116
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2004:244
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2004:244. Tripwire is a system integrity assessment tool. Paul Herman discovered a format string vulnerability in Tripwire version 2.3.1 and earlier. If Tripwire is configured to send reports via email, a local user could gain privileges by creating a carefully crafted file. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0536 to this issue. Users of Tripwire are advised to upgrade to this erratum package which contains a backported security patch to correct this issue. The erratum package also contains some minor bug fixes. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2004-244.html http://marc.theaimsgroup.com/?l=bugtraq&m=108627481507249 Risk factor : High CVSS Score: 7.2
Referencia Cruzada:	BugTraq ID: 10454 Common Vulnerability Exposure (CVE) ID: CVE-2004-0536 http://www.securityfocus.com/bid/10454 Bugtraq: 20040602 Format String Vulnerability in Tripwire (Google Search) http://marc.info/?l=bugtraq&m=108627481507249&w=2 Bugtraq: 20040603 Re: Format String Vulnerability in Tripwire (Google Search) http://marc.info/?l=bugtraq&m=108630983009228&w=2 http://security.gentoo.org/glsa/glsa-200406-02.xml http://www.redhat.com/support/errata/RHSA-2004-244.html XForce ISS Database: tripwire-fprintf-format-string(16309) https://exchange.xforce.ibmcloud.com/vulnerabilities/16309
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.