Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200406-15 (Usermin)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54600

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200406-15 (Usermin)

Resumen: The remote host is missing updates announced in;advisory GLSA 200406-15.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200406-15.

Vulnerability Insight:
Usermin contains two security vulnerabilities which could lead to a Denial
of Service attack and information disclosure.

Solution:
Usermin users should upgrade to the latest version:

# emerge sync

# emerge -pv '>=app-admin/usermin-1.080'
# emerge '>=app-admin/usermin-1.080'

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0583
BugTraq ID: 10474
http://www.securityfocus.com/bid/10474
BugTraq ID: 10523
http://www.securityfocus.com/bid/10523
Bugtraq: 20040611 [SNS Advisory No.75] Webmin/Usermin Account Lockout Bypass Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=108737059313829&w=2
Debian Security Information: DSA-526 (Google Search)
http://www.debian.org/security/2004/dsa-526
http://www.gentoo.org/security/en/glsa/glsa-200406-12.xml
http://www.gentoo.org/security/en/glsa/glsa-200406-15.xml
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:074
http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/75_e.html
XForce ISS Database: webmin-username-password-dos(16334)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16334
Common Vulnerability Exposure (CVE) ID: CVE-2004-0588
BugTraq ID: 10521
http://www.securityfocus.com/bid/10521
Bugtraq: 20040611 [SNS Advisory No.73] Usermin Cross-site Scripting Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=108781564518287&w=2
http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/73_e.html
XForce ISS Database: usermin-email-xss(16494)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16494

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54600
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200406-15 (Usermin)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200406-15.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200406-15. Vulnerability Insight: Usermin contains two security vulnerabilities which could lead to a Denial of Service attack and information disclosure. Solution: Usermin users should upgrade to the latest version: # emerge sync # emerge -pv '>=app-admin/usermin-1.080' # emerge '>=app-admin/usermin-1.080' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0583 BugTraq ID: 10474 http://www.securityfocus.com/bid/10474 BugTraq ID: 10523 http://www.securityfocus.com/bid/10523 Bugtraq: 20040611 [SNS Advisory No.75] Webmin/Usermin Account Lockout Bypass Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=108737059313829&w=2 Debian Security Information: DSA-526 (Google Search) http://www.debian.org/security/2004/dsa-526 http://www.gentoo.org/security/en/glsa/glsa-200406-12.xml http://www.gentoo.org/security/en/glsa/glsa-200406-15.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:074 http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/75_e.html XForce ISS Database: webmin-username-password-dos(16334) https://exchange.xforce.ibmcloud.com/vulnerabilities/16334 Common Vulnerability Exposure (CVE) ID: CVE-2004-0588 BugTraq ID: 10521 http://www.securityfocus.com/bid/10521 Bugtraq: 20040611 [SNS Advisory No.73] Usermin Cross-site Scripting Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=108781564518287&w=2 http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/73_e.html XForce ISS Database: usermin-email-xss(16494) https://exchange.xforce.ibmcloud.com/vulnerabilities/16494
Copyright	Copyright (C) 2008 E-Soft Inc.