Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2005:159 (kdeedu)

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55230

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2005:159 (kdeedu)

Resumen: Mandrake Security Advisory MDKSA-2005:159 (kdeedu)

Descripción:
The remote host is missing an update to kdeedu
announced via advisory MDKSA-2005:159.

Ben Burton notified the KDE security team about several tempfile
handling related vulnerabilities in langen2kvtml, a conversion script
for kvoctrain. This vulnerability was initially discovered by Javier
Fern�ndez-Sanguino Pe�a.

The script uses known filenames in /tmp which allow an local attacker
to overwrite files writeable by the user (manually) invoking the
conversion script.

The updated packages have been patched to correct this problem.

Affected versions: 10.1, 10.2

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2101
http://www.kde.org/info/security/advisory-20050815-1.txt

Risk factor : Medium

Referencia Cruzada: BugTraq ID: 14561
Common Vulnerability Exposure (CVE) ID: CVE-2005-2101
Debian Security Information: DSA-818 (Google Search)
http://www.debian.org/security/2005/dsa-818
http://www.mandriva.com/security/advisories?name=MDKSA-2005:159
http://www.securityfocus.com/bid/14561
http://securitytracker.com/id?1014675
http://secunia.com/advisories/16428

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55230
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2005:159 (kdeedu)
Resumen:	Mandrake Security Advisory MDKSA-2005:159 (kdeedu)
Descripción:	The remote host is missing an update to kdeedu announced via advisory MDKSA-2005:159. Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. This vulnerability was initially discovered by Javier Fern�ndez-Sanguino Pe�a. The script uses known filenames in /tmp which allow an local attacker to overwrite files writeable by the user (manually) invoking the conversion script. The updated packages have been patched to correct this problem. Affected versions: 10.1, 10.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:159 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2101 http://www.kde.org/info/security/advisory-20050815-1.txt Risk factor : Medium
Referencia Cruzada:	BugTraq ID: 14561 Common Vulnerability Exposure (CVE) ID: CVE-2005-2101 Debian Security Information: DSA-818 (Google Search) http://www.debian.org/security/2005/dsa-818 http://www.mandriva.com/security/advisories?name=MDKSA-2005:159 http://www.securityfocus.com/bid/14561 http://securitytracker.com/id?1014675 http://secunia.com/advisories/16428
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com