Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200502-24 (mc)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54856

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200502-24 (mc)

Resumen: The remote host is missing updates announced in;advisory GLSA 200502-24.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200502-24.

Vulnerability Insight:
Midnight Commander contains several format string errors, buffer overflows
and one buffer underflow leading to execution of arbitrary code.

Solution:
All Midnight Commander users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-misc/mc-4.6.0-r13'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-1004
Debian Security Information: DSA-639 (Google Search)
http://www.debian.org/security/2005/dsa-639
http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml
http://www.redhat.com/support/errata/RHSA-2005-217.html
http://secunia.com/advisories/13863/
XForce ISS Database: midnightcommander-format-string(18902)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18902
Common Vulnerability Exposure (CVE) ID: CVE-2004-1005
XForce ISS Database: midnight-commander-bo(18898)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18898
Common Vulnerability Exposure (CVE) ID: CVE-2004-1092
XForce ISS Database: midnight-commander-memory-allocation(18904)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18904
Common Vulnerability Exposure (CVE) ID: CVE-2004-1176
http://securitytracker.com/id?1012903
http://secunia.com/advisories/13863
XForce ISS Database: midnight-commander-extfs-dos(18911)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18911

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54856
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200502-24 (mc)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200502-24.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200502-24. Vulnerability Insight: Midnight Commander contains several format string errors, buffer overflows and one buffer underflow leading to execution of arbitrary code. Solution: All Midnight Commander users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-misc/mc-4.6.0-r13' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1004 Debian Security Information: DSA-639 (Google Search) http://www.debian.org/security/2005/dsa-639 http://www.gentoo.org/security/en/glsa/glsa-200502-24.xml http://www.redhat.com/support/errata/RHSA-2005-217.html http://secunia.com/advisories/13863/ XForce ISS Database: midnightcommander-format-string(18902) https://exchange.xforce.ibmcloud.com/vulnerabilities/18902 Common Vulnerability Exposure (CVE) ID: CVE-2004-1005 XForce ISS Database: midnight-commander-bo(18898) https://exchange.xforce.ibmcloud.com/vulnerabilities/18898 Common Vulnerability Exposure (CVE) ID: CVE-2004-1092 XForce ISS Database: midnight-commander-memory-allocation(18904) https://exchange.xforce.ibmcloud.com/vulnerabilities/18904 Common Vulnerability Exposure (CVE) ID: CVE-2004-1176 http://securitytracker.com/id?1012903 http://secunia.com/advisories/13863 XForce ISS Database: midnight-commander-extfs-dos(18911) https://exchange.xforce.ibmcloud.com/vulnerabilities/18911
Copyright	Copyright (C) 2008 E-Soft Inc.