Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.51324
Categoría:Conectiva Local Security Checks
Título:Conectiva Security Advisory CLA-2005:921
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing updates announced in
advisory CLA-2005:921.

xpdf[1] is a viewer for Portable Document Format (PDF) files, whose
code was used by many other projects, like gpdf, cups and tetex.

iDefense noticed[2] other two issues[3,4] in the xpdf code where two
buffer overflows could lead to remote code execution
vulnerabilities.


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://www.foolabs.com/xpdf
http://http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities
http://www.securityspace.com/smysecure/catid.html?in=CLA-2005:921
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000921

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-1125
BugTraq ID: 12070
http://www.securityfocus.com/bid/12070
Bugtraq: 20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability (Google Search)
http://marc.info/?t=110378596500001&r=1&w=2
Conectiva Linux advisory: CLA-2005:921
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000921
https://bugzilla.fedora.us/show_bug.cgi?id=2352
https://bugzilla.fedora.us/show_bug.cgi?id=2353
http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030241.html
http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml
http://www.gentoo.org/security/en/glsa/glsa-200501-13.xml
http://www.gentoo.org/security/en/glsa/glsa-200501-17.xml
http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10830
http://www.redhat.com/support/errata/RHSA-2005-013.html
http://www.redhat.com/support/errata/RHSA-2005-018.html
http://www.redhat.com/support/errata/RHSA-2005-026.html
http://www.redhat.com/support/errata/RHSA-2005-034.html
http://www.redhat.com/support/errata/RHSA-2005-053.html
http://www.redhat.com/support/errata/RHSA-2005-057.html
http://www.redhat.com/support/errata/RHSA-2005-066.html
http://www.redhat.com/support/errata/RHSA-2005-354.html
SCO Security Bulletin: SCOSA-2005.42
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt
http://securitytracker.com/id?1012646
http://secunia.com/advisories/17277
SuSE Security Announcement: SUSE-SR:2005:001 (Google Search)
http://www.novell.com/linux/security/advisories/2005_01_sr.html
https://usn.ubuntu.com/50-1/
XForce ISS Database: xpdf-gfx-doimage-bo(18641)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18641
Common Vulnerability Exposure (CVE) ID: CVE-2005-0064
Bugtraq: 20050119 [USN-64-1] xpdf, CUPS vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=110625368019554&w=2
Debian Security Information: DSA-645 (Google Search)
http://www.debian.org/security/2005/dsa-645
Debian Security Information: DSA-648 (Google Search)
http://www.debian.org/security/2005/dsa-648
https://security.gentoo.org/glsa/200501-28
https://security.gentoo.org/glsa/200502-10
http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities
http://www.mandriva.com/security/advisories?name=MDKSA-2005:016
http://www.mandriva.com/security/advisories?name=MDKSA-2005:017
http://www.mandriva.com/security/advisories?name=MDKSA-2005:018
http://www.mandriva.com/security/advisories?name=MDKSA-2005:019
http://www.mandriva.com/security/advisories?name=MDKSA-2005:020
http://www.mandriva.com/security/advisories?name=MDKSA-2005:021
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11781
http://www.redhat.com/support/errata/RHSA-2005-059.html
http://www.trustix.org/errata/2005/0003/
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.