ID de Prueba:	1.3.6.1.4.1.25623.1.0.53913
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2004-247-01)
Resumen:	The remote host is missing an update for the 'kde' package(s) announced via the SSA:2004-247-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kde' package(s) announced via the SSA:2004-247-01 advisory. Vulnerability Insight: New kdelibs and kdebase packages are available for Slackware 9.1, 10.0, and -current to fix security issues. More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 10.0 ChangeLog: +--------------------------+ Fri Sep 3 13:13:09 PDT 2004 patches/packages/kdebase-3.2.3-i486-2.tgz: Patched frame injection vulnerability in Konqueror. For more details, see: [link moved to references] (* Security fix *) patches/packages/kdelibs-3.2.3-i486-2.tgz: Patched unsafe temporary directory usage, cross-domain cookie injection vulnerability for certain country specific domains, and frame injection vulnerability in Konqueror. For more details, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'kde' package(s) on Slackware 9.1, Slackware 10.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0689 Bugtraq: 20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=109225538901170&w=2 Conectiva Linux advisory: CLA-2004:864 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 Debian Security Information: DSA-539 (Google Search) http://www.debian.org/security/2004/dsa-539 http://security.gentoo.org/glsa/glsa-200408-13.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334 http://secunia.com/advisories/12276/ XForce ISS Database: kde-application-symlink(16963) https://exchange.xforce.ibmcloud.com/vulnerabilities/16963 Common Vulnerability Exposure (CVE) ID: CVE-2004-0690 BugTraq ID: 10924 http://www.securityfocus.com/bid/10924 CERT/CC vulnerability note: VU#330638 http://www.kb.cert.org/vuls/id/330638 http://www.mandriva.com/security/advisories?name=MDKSA-2004:086 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386 http://secunia.com/advisories/12276 XForce ISS Database: kde-dcopserver-symlink(16962) https://exchange.xforce.ibmcloud.com/vulnerabilities/16962 Common Vulnerability Exposure (CVE) ID: CVE-2004-0721 http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11371 http://secunia.com/advisories/11978 XForce ISS Database: http-frame-spoof(1598) https://exchange.xforce.ibmcloud.com/vulnerabilities/1598 Common Vulnerability Exposure (CVE) ID: CVE-2004-0746 BugTraq ID: 10991 http://www.securityfocus.com/bid/10991 Bugtraq: 20040823 KDE Security Advisory: Konqueror Cross-Domain Cookie Injection (Google Search) http://marc.info/?l=bugtraq&m=109327681304401&w=2 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:086 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11281 http://secunia.com/advisories/12341 XForce ISS Database: kde-konqueror-cookie-set(17063) https://exchange.xforce.ibmcloud.com/vulnerabilities/17063
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.