ID de Prueba:	1.3.6.1.4.1.25623.1.0.53988
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLA-2005:971 (ipsec-tools)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLA-2005:971. This installed version is vulnerable to a denial of service vulnerability, as well as allowing unauthorized users to connect and or to perform man-in-the-middle attacks as a result of incomplete certificate validation. Solution: Perform the necessary upgrades (including making sure you are running the latest kernel.) http://ipsec-tools.sf.net http://bugzilla.conectiva.com.br/show_bug.cgi?id=13032 http://bugzilla.conectiva.com.br/show_bug.cgi?id=13033 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000971 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0398 1013433 http://securitytracker.com/id?1013433 12804 http://www.securityfocus.com/bid/12804 14584 http://secunia.com/advisories/14584 ADV-2005-0264 http://www.vupen.com/english/advisories/2005/0264 GLSA-200503-33 http://security.gentoo.org/glsa/glsa-200503-33.xml MDKSA-2005:062 http://www.mandriva.com/security/advisories?name=MDKSA-2005:062 RHSA-2005:232 http://www.redhat.com/support/errata/RHSA-2005-232.html [ipsec-tools-devel] 20050312 potential remote crash in racoon http://sourceforge.net/mailarchive/forum.php?thread_id=6787713&forum_id=32000 https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966&action=view oval:org.mitre.oval:def:10028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10028 racoon-isakmp-header-dos(19707) https://exchange.xforce.ibmcloud.com/vulnerabilities/19707 Common Vulnerability Exposure (CVE) ID: CVE-2004-0155 http://marc.info/?l=bugtraq&m=108369640424244&w=2 BugTraq ID: 10072 http://www.securityfocus.com/bid/10072 Bugtraq: 20040407 CAN-2004-0155: The KAME IKE Daemon Racoon does not verify RSA Signatures during Phase 1, allows man-in-the-middle attacks and unauthorized connections (Google Search) http://marc.info/?l=bugtraq&m=108136746911000&w=2 CERT/CC vulnerability note: VU#552398 http://www.kb.cert.org/vuls/id/552398 http://www.gentoo.org/security/en/glsa/glsa-200406-17.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:027 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9291 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A945 http://www.redhat.com/support/errata/RHSA-2004-165.html SCO Security Bulletin: SCOSA-2005.10 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10/SCOSA-2005.10.txt http://secunia.com/advisories/11328
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.