Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200408-13 (kde, kdebase, kdelibs)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54643

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200408-13 (kde, kdebase, kdelibs)

Resumen: The remote host is missing updates announced in;advisory GLSA 200408-13.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200408-13.

Vulnerability Insight:
KDE contains three security issues that can allow an attacker to compromise
system accounts, cause a Denial of Service, or spoof websites via frame
injection.

Solution:
All KDE users should upgrade to the latest versions of kdelibs and kdebase:

# emerge sync

# emerge -pv '>=kde-base/kdebase-3.2.3-r1'
# emerge '>=kde-base/kdebase-3.2.3-r1'

# emerge -pv '>=kde-base/kdelibs-3.2.3-r1'
# emerge '>=kde-base/kdelibs-3.2.3-r1'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0689
Bugtraq: 20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=109225538901170&w=2
Conectiva Linux advisory: CLA-2004:864
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864
Debian Security Information: DSA-539 (Google Search)
http://www.debian.org/security/2004/dsa-539
http://security.gentoo.org/glsa/glsa-200408-13.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334
http://secunia.com/advisories/12276/
XForce ISS Database: kde-application-symlink(16963)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16963
Common Vulnerability Exposure (CVE) ID: CVE-2004-0690
BugTraq ID: 10924
http://www.securityfocus.com/bid/10924
CERT/CC vulnerability note: VU#330638
http://www.kb.cert.org/vuls/id/330638
http://www.mandriva.com/security/advisories?name=MDKSA-2004:086
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386
http://secunia.com/advisories/12276
XForce ISS Database: kde-dcopserver-symlink(16962)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16962
Common Vulnerability Exposure (CVE) ID: CVE-2004-0721
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11371
http://secunia.com/advisories/11978
XForce ISS Database: http-frame-spoof(1598)
https://exchange.xforce.ibmcloud.com/vulnerabilities/1598

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54643
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200408-13 (kde, kdebase, kdelibs)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200408-13.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200408-13. Vulnerability Insight: KDE contains three security issues that can allow an attacker to compromise system accounts, cause a Denial of Service, or spoof websites via frame injection. Solution: All KDE users should upgrade to the latest versions of kdelibs and kdebase: # emerge sync # emerge -pv '>=kde-base/kdebase-3.2.3-r1' # emerge '>=kde-base/kdebase-3.2.3-r1' # emerge -pv '>=kde-base/kdelibs-3.2.3-r1' # emerge '>=kde-base/kdelibs-3.2.3-r1' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0689 Bugtraq: 20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=109225538901170&w=2 Conectiva Linux advisory: CLA-2004:864 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 Debian Security Information: DSA-539 (Google Search) http://www.debian.org/security/2004/dsa-539 http://security.gentoo.org/glsa/glsa-200408-13.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334 http://secunia.com/advisories/12276/ XForce ISS Database: kde-application-symlink(16963) https://exchange.xforce.ibmcloud.com/vulnerabilities/16963 Common Vulnerability Exposure (CVE) ID: CVE-2004-0690 BugTraq ID: 10924 http://www.securityfocus.com/bid/10924 CERT/CC vulnerability note: VU#330638 http://www.kb.cert.org/vuls/id/330638 http://www.mandriva.com/security/advisories?name=MDKSA-2004:086 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261386 http://secunia.com/advisories/12276 XForce ISS Database: kde-dcopserver-symlink(16962) https://exchange.xforce.ibmcloud.com/vulnerabilities/16962 Common Vulnerability Exposure (CVE) ID: CVE-2004-0721 http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11371 http://secunia.com/advisories/11978 XForce ISS Database: http-frame-spoof(1598) https://exchange.xforce.ibmcloud.com/vulnerabilities/1598
Copyright	Copyright (C) 2008 E-Soft Inc.