Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200502-07 (openmotif)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54839

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200502-07 (openmotif)

Resumen: The remote host is missing updates announced in;advisory GLSA 200502-07.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200502-07.

Vulnerability Insight:
Multiple vulnerabilities have been discovered in libXpm, which is included
in OpenMotif, that can potentially lead to remote code execution.

Solution:
All OpenMotif users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose x11-libs/openmotif

Note: You should run 'revdep-rebuild' to ensure that all applications
linked to OpenMotif are properly rebuilt.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0687
http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
BugTraq ID: 11196
http://www.securityfocus.com/bid/11196
Bugtraq: 20040915 CESA-2004-004: libXpm (Google Search)
http://marc.info/?l=bugtraq&m=109530851323415&w=2
Cert/CC Advisory: TA05-136A
http://www.us-cert.gov/cas/techalerts/TA05-136A.html
CERT/CC vulnerability note: VU#882750
http://www.kb.cert.org/vuls/id/882750
Conectiva Linux advisory: CLA-2005:924
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000924
Debian Security Information: DSA-560 (Google Search)
http://www.debian.org/security/2004/dsa-560
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html
http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml
http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml
HPdes Security Advisory: HPSBUX02119
http://www.securityfocus.com/archive/1/434715/100/0/threaded
HPdes Security Advisory: SSRT4848
http://www.mandriva.com/security/advisories?name=MDKSA-2004:098
http://packetstormsecurity.com/files/170620/Solaris-10-dtprintinfo-libXm-libXpm-Security-Issues.html
http://scary.beasts.org/security/CESA-2004-003.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9187
RedHat Security Advisories: RHSA-2004:537
http://www.redhat.com/support/errata/RHSA-2005-004.html
http://secunia.com/advisories/20235
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57653-1
SuSE Security Announcement: SUSE-SA:2004:034 (Google Search)
http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html
https://usn.ubuntu.com/27-1/
http://www.vupen.com/english/advisories/2006/1914
XForce ISS Database: libxpm-multiple-stack-bo(17414)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17414
Common Vulnerability Exposure (CVE) ID: CVE-2004-0688
CERT/CC vulnerability note: VU#537878
http://www.kb.cert.org/vuls/id/537878
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11796
XForce ISS Database: libxpm-xpmfile-integer-overflow(17416)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17416
Common Vulnerability Exposure (CVE) ID: CVE-2004-0914
BugTraq ID: 11694
http://www.securityfocus.com/bid/11694
Debian Security Information: DSA-607 (Google Search)
http://www.debian.org/security/2004/dsa-607
http://www.linuxsecurity.com/content/view/106877/102/
http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml
http://www.gentoo.org/security/en/glsa/glsa-200502-06.xml
HPdes Security Advisory: HPSBTU01228
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01228
http://www.mandriva.com/security/advisories?name=MDKSA-2004:137
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9943
http://rhn.redhat.com/errata/RHSA-2004-537.html
http://www.redhat.com/support/errata/RHSA-2004-610.html
http://secunia.com/advisories/13224/
http://www.ubuntu.com/usn/usn-83-1
http://www.ubuntu.com/usn/usn-83-2
XForce ISS Database: libxpm-command-execution(18145)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18145
XForce ISS Database: libxpm-directory-traversal(18146)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18146
XForce ISS Database: libxpm-dos(18147)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18147
XForce ISS Database: libxpm-image-bo(18142)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18142
XForce ISS Database: libxpm-improper-memory-access(18144)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18144

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54839
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200502-07 (openmotif)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200502-07.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200502-07. Vulnerability Insight: Multiple vulnerabilities have been discovered in libXpm, which is included in OpenMotif, that can potentially lead to remote code execution. Solution: All OpenMotif users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose x11-libs/openmotif Note: You should run 'revdep-rebuild' to ensure that all applications linked to OpenMotif are properly rebuilt. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0687 http://lists.apple.com/archives/security-announce/2005/May/msg00001.html BugTraq ID: 11196 http://www.securityfocus.com/bid/11196 Bugtraq: 20040915 CESA-2004-004: libXpm (Google Search) http://marc.info/?l=bugtraq&m=109530851323415&w=2 Cert/CC Advisory: TA05-136A http://www.us-cert.gov/cas/techalerts/TA05-136A.html CERT/CC vulnerability note: VU#882750 http://www.kb.cert.org/vuls/id/882750 Conectiva Linux advisory: CLA-2005:924 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000924 Debian Security Information: DSA-560 (Google Search) http://www.debian.org/security/2004/dsa-560 http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html http://www.gentoo.org/security/en/glsa/glsa-200409-34.xml http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml HPdes Security Advisory: HPSBUX02119 http://www.securityfocus.com/archive/1/434715/100/0/threaded HPdes Security Advisory: SSRT4848 http://www.mandriva.com/security/advisories?name=MDKSA-2004:098 http://packetstormsecurity.com/files/170620/Solaris-10-dtprintinfo-libXm-libXpm-Security-Issues.html http://scary.beasts.org/security/CESA-2004-003.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9187 RedHat Security Advisories: RHSA-2004:537 http://www.redhat.com/support/errata/RHSA-2005-004.html http://secunia.com/advisories/20235 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57653-1 SuSE Security Announcement: SUSE-SA:2004:034 (Google Search) http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html https://usn.ubuntu.com/27-1/ http://www.vupen.com/english/advisories/2006/1914 XForce ISS Database: libxpm-multiple-stack-bo(17414) https://exchange.xforce.ibmcloud.com/vulnerabilities/17414 Common Vulnerability Exposure (CVE) ID: CVE-2004-0688 CERT/CC vulnerability note: VU#537878 http://www.kb.cert.org/vuls/id/537878 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11796 XForce ISS Database: libxpm-xpmfile-integer-overflow(17416) https://exchange.xforce.ibmcloud.com/vulnerabilities/17416 Common Vulnerability Exposure (CVE) ID: CVE-2004-0914 BugTraq ID: 11694 http://www.securityfocus.com/bid/11694 Debian Security Information: DSA-607 (Google Search) http://www.debian.org/security/2004/dsa-607 http://www.linuxsecurity.com/content/view/106877/102/ http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml http://www.gentoo.org/security/en/glsa/glsa-200502-06.xml HPdes Security Advisory: HPSBTU01228 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01228 http://www.mandriva.com/security/advisories?name=MDKSA-2004:137 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9943 http://rhn.redhat.com/errata/RHSA-2004-537.html http://www.redhat.com/support/errata/RHSA-2004-610.html http://secunia.com/advisories/13224/ http://www.ubuntu.com/usn/usn-83-1 http://www.ubuntu.com/usn/usn-83-2 XForce ISS Database: libxpm-command-execution(18145) https://exchange.xforce.ibmcloud.com/vulnerabilities/18145 XForce ISS Database: libxpm-directory-traversal(18146) https://exchange.xforce.ibmcloud.com/vulnerabilities/18146 XForce ISS Database: libxpm-dos(18147) https://exchange.xforce.ibmcloud.com/vulnerabilities/18147 XForce ISS Database: libxpm-image-bo(18142) https://exchange.xforce.ibmcloud.com/vulnerabilities/18142 XForce ISS Database: libxpm-improper-memory-access(18144) https://exchange.xforce.ibmcloud.com/vulnerabilities/18144
Copyright	Copyright (C) 2008 E-Soft Inc.