ID de Prueba:	1.3.6.1.4.1.25623.1.0.53925
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2004-161-01)
Resumen:	The remote host is missing an update for the 'cvs' package(s) announced via the SSA:2004-161-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'cvs' package(s) announced via the SSA:2004-161-01 advisory. Vulnerability Insight: New cvs packages that have been upgraded to cvs-1.11.17 are available for Slackware 8.1, 9.0, 9.1, and -current to fix various security issues. Sites running a CVS server should upgrade to the new CVS package right away. More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 9.1 ChangeLog: +--------------------------+ Wed Jun 9 11:35:15 PDT 2004 patches/packages/cvs-1.11.17-i486-1.tgz: Upgraded to cvs-1.11.17. From the cvs NEWS file: * Thanks to Stefan Esser & Sebastian Krahmer, several potential security problems have been fixed. The ones which were considered dangerous enough to catalogue were assigned issue numbers CAN-2004-0416, CAN-2004-0417, & CAN-2004-0418 by the Common Vulnerabilities and Exposures Project. Please see <[link moved to references]> for more information. * A potential buffer overflow vulnerability in the server has been fixed. This addresses the Common Vulnerabilities and Exposures Project's issue CAN-2004-0414. Please see <[link moved to references]> for more information. (* Security fix *) +--------------------------+ Affected Software/OS: 'cvs' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0414 Bugtraq: 20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs) (Google Search) http://marc.info/?l=bugtraq&m=108716553923643&w=2 Debian Security Information: DSA-517 (Google Search) http://www.debian.org/security/2004/dsa-517 http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html http://security.gentoo.org/glsa/glsa-200406-06.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:058 http://security.e-matters.de/advisories/092004.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10575 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A993 http://www.redhat.com/support/errata/RHSA-2004-233.html SGI Security Advisory: 20040604-01-U ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc SGI Security Advisory: 20040605-01-U ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc SuSE Security Announcement: SuSE-SA:2004:015 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2004-0416 Debian Security Information: DSA-519 (Google Search) http://www.debian.org/security/2004/dsa-519 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994 Common Vulnerability Exposure (CVE) ID: CVE-2004-0417 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145 Common Vulnerability Exposure (CVE) ID: CVE-2004-0418 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1003 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11242
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.