Red Hat Local Security Checks : RedHat Security Advisory RHSA-2005:543

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54486

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2005:543

Resumen: Redhat Security Advisory RHSA-2005:543

Descripción:
The remote host is missing updates announced in
advisory RHSA-2005:543.

Ruby is an interpreted scripting language for object-oriented programming.

A bug was found in the way Ruby launched an XMLRPC server. If an XMLRPC
server is launched in a certain way, it becomes possible for a remote
attacker to execute arbitrary commands within the XMLRPC server. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CVE-2005-1992 to this issue.

Users of Ruby should update to these erratum packages, which contain a
backported patch and are not vulnerable to this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-543.html

Risk factor : High

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1992
http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html
Debian Security Information: DSA-748 (Google Search)
http://www.debian.org/security/2005/dsa-748
http://www.redhat.com/support/errata/RHSA-2005-543.html
SuSE Security Announcement: SUSE-SR:2005:018 (Google Search)
http://www.novell.com/linux/security/advisories/2005_18_sr.html
AUSCERT Advisory: ESB-2005.0732
http://www.auscert.org.au/5509
CERT/CC vulnerability note: VU#684913
http://www.kb.cert.org/vuls/id/684913
Computer Incident Advisory Center Bulletin: P-312
http://www.ciac.org/ciac/bulletins/p-312.shtml
BugTraq ID: 14016
http://www.securityfocus.com/bid/14016
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10819
http://secunia.com/advisories/16920/

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54486
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:543
Resumen:	Redhat Security Advisory RHSA-2005:543
Descripción:	The remote host is missing updates announced in advisory RHSA-2005:543. Ruby is an interpreted scripting language for object-oriented programming. A bug was found in the way Ruby launched an XMLRPC server. If an XMLRPC server is launched in a certain way, it becomes possible for a remote attacker to execute arbitrary commands within the XMLRPC server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1992 to this issue. Users of Ruby should update to these erratum packages, which contain a backported patch and are not vulnerable to this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-543.html Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1992 http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html Debian Security Information: DSA-748 (Google Search) http://www.debian.org/security/2005/dsa-748 http://www.redhat.com/support/errata/RHSA-2005-543.html SuSE Security Announcement: SUSE-SR:2005:018 (Google Search) http://www.novell.com/linux/security/advisories/2005_18_sr.html AUSCERT Advisory: ESB-2005.0732 http://www.auscert.org.au/5509 CERT/CC vulnerability note: VU#684913 http://www.kb.cert.org/vuls/id/684913 Computer Incident Advisory Center Bulletin: P-312 http://www.ciac.org/ciac/bulletins/p-312.shtml BugTraq ID: 14016 http://www.securityfocus.com/bid/14016 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10819 http://secunia.com/advisories/16920/
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com