Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200507-26 (gnugadu centericq kadu ekg libgadu)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55002

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200507-26 (gnugadu centericq kadu ekg libgadu)

Resumen: The remote host is missing updates announced in;advisory GLSA 200507-26.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200507-26.

Vulnerability Insight:
GNU Gadu, CenterICQ, Kadu, EKG and libgadu are vulnerable to an integer
overflow which could potentially lead to the execution of arbitrary code
or a Denial of Service.

Solution:
All GNU Gadu users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-im/gnugadu-2.2.6-r1'

All Kadu users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-im/kadu-0.4.1'

All EKG users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-im/ekg-1.6_rc3'

All libgadu users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-libs/libgadu-20050719'

All CenterICQ users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-im/centericq-4.20.0-r3'

CenterICQ is no longer distributed with Gadu Gadu support, affected users
are encouraged to migrate to an alternative package.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1852
BugTraq ID: 14345
http://www.securityfocus.com/bid/14345
Bugtraq: 20050721 Multiple vulnerabilities in libgadu and ekg package (Google Search)
http://marc.info/?l=bugtraq&m=112198499417250&w=2
http://lwn.net/Articles/144724/
http://security.gentoo.org/glsa/glsa-200507-23.xml
http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532
http://www.redhat.com/support/errata/RHSA-2005-639.html
http://secunia.com/advisories/16140
http://secunia.com/advisories/16155
http://secunia.com/advisories/16211
http://secunia.com/advisories/16242
SuSE Security Announcement: SUSE-SR:2005:019 (Google Search)
http://www.novell.com/linux/security/advisories/2005_19_sr.html

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55002
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200507-26 (gnugadu centericq kadu ekg libgadu)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200507-26.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200507-26. Vulnerability Insight: GNU Gadu, CenterICQ, Kadu, EKG and libgadu are vulnerable to an integer overflow which could potentially lead to the execution of arbitrary code or a Denial of Service. Solution: All GNU Gadu users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-im/gnugadu-2.2.6-r1' All Kadu users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-im/kadu-0.4.1' All EKG users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-im/ekg-1.6_rc3' All libgadu users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-libs/libgadu-20050719' All CenterICQ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-im/centericq-4.20.0-r3' CenterICQ is no longer distributed with Gadu Gadu support, affected users are encouraged to migrate to an alternative package. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1852 BugTraq ID: 14345 http://www.securityfocus.com/bid/14345 Bugtraq: 20050721 Multiple vulnerabilities in libgadu and ekg package (Google Search) http://marc.info/?l=bugtraq&m=112198499417250&w=2 http://lwn.net/Articles/144724/ http://security.gentoo.org/glsa/glsa-200507-23.xml http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9532 http://www.redhat.com/support/errata/RHSA-2005-639.html http://secunia.com/advisories/16140 http://secunia.com/advisories/16155 http://secunia.com/advisories/16211 http://secunia.com/advisories/16242 SuSE Security Announcement: SUSE-SR:2005:019 (Google Search) http://www.novell.com/linux/security/advisories/2005_19_sr.html
Copyright	Copyright (C) 2008 E-Soft Inc.