Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200503-21 (grip)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54886

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200503-21 (grip)

Resumen: The remote host is missing updates announced in;advisory GLSA 200503-21.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200503-21.

Vulnerability Insight:
Grip contains a buffer overflow that can be triggered by a large CDDB
response, potentially allowing the execution of arbitrary code.

Solution:
All Grip users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-sound/grip-3.3.0'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0706
12770
http://www.securityfocus.com/bid/12770
32803
http://secunia.com/advisories/32803
33389
http://secunia.com/advisories/33389
33824
http://secunia.com/advisories/33824
FEDORA-2008-11956
https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00188.html
FEDORA-2008-9521
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00490.html
FEDORA-2008-9604
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00429.html
FLSA:152919
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152919
GLSA-200503-21
http://security.gentoo.org/glsa/glsa-200503-21.xml
RHSA-2005:304
http://www.redhat.com/support/errata/RHSA-2005-304.html
RHSA-2009:0005
http://www.redhat.com/support/errata/RHSA-2009-0005.html
grip-cddb-bo(19648)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19648
http://rpmfind.net/linux/RPM/suse/9.3/i386/suse/i586/gnome-vfs-1.0.5-816.2.i586.html
http://sourceforge.net/tracker/index.php?func=detail&aid=1160134&group_id=3714&atid=303714
http://sourceforge.net/tracker/index.php?func=detail&aid=834724&group_id=3714&atid=103714
oval:org.mitre.oval:def:10768
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10768

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54886
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200503-21 (grip)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200503-21.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200503-21. Vulnerability Insight: Grip contains a buffer overflow that can be triggered by a large CDDB response, potentially allowing the execution of arbitrary code. Solution: All Grip users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-sound/grip-3.3.0' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0706 12770 http://www.securityfocus.com/bid/12770 32803 http://secunia.com/advisories/32803 33389 http://secunia.com/advisories/33389 33824 http://secunia.com/advisories/33824 FEDORA-2008-11956 https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00188.html FEDORA-2008-9521 https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00490.html FEDORA-2008-9604 https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00429.html FLSA:152919 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152919 GLSA-200503-21 http://security.gentoo.org/glsa/glsa-200503-21.xml RHSA-2005:304 http://www.redhat.com/support/errata/RHSA-2005-304.html RHSA-2009:0005 http://www.redhat.com/support/errata/RHSA-2009-0005.html grip-cddb-bo(19648) https://exchange.xforce.ibmcloud.com/vulnerabilities/19648 http://rpmfind.net/linux/RPM/suse/9.3/i386/suse/i586/gnome-vfs-1.0.5-816.2.i586.html http://sourceforge.net/tracker/index.php?func=detail&aid=1160134&group_id=3714&atid=303714 http://sourceforge.net/tracker/index.php?func=detail&aid=834724&group_id=3714&atid=103714 oval:org.mitre.oval:def:10768 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10768
Copyright	Copyright (C) 2008 E-Soft Inc.