Conectiva Local Security Checks : Conectiva Security Advisory CLSA-2005:1025 (python)

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55582

Categoría: Conectiva Local Security Checks

Título: Conectiva Security Advisory CLSA-2005:1025 (python)

Resumen: Conectiva Security Advisory CLSA-2005:1025 (python)

Descripción:
The remote host is missing updates announced in
advisory CLSA-2005:1025.

As Python has a private copy of PCRE, this announcement fixes a
PCRE integer overflow vulnerability in pcre_compile.c that may
allow remote attackers to execute arbitrary code via quantifier
values in regular expressions.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001025
http://www.python.org/
http://www.pcre.org/

Risk factor : High

Referencia Cruzada: BugTraq ID: 15647
BugTraq ID: 14620
Common Vulnerability Exposure (CVE) ID: CVE-2005-2491
http://docs.info.apple.com/article.html?artnum=302847
Debian Security Information: DSA-800 (Google Search)
http://www.debian.org/security/2005/dsa-800
Debian Security Information: DSA-817 (Google Search)
http://www.debian.org/security/2005/dsa-817
Debian Security Information: DSA-819 (Google Search)
http://www.debian.org/security/2005/dsa-819
Debian Security Information: DSA-821 (Google Search)
http://www.debian.org/security/2005/dsa-821
http://www.securityfocus.com/archive/1/archive/1/427046/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml
http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml
http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml
http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml
HPdes Security Advisory: HPSBUX02074
http://www.securityfocus.com/archive/1/archive/1/428138/100/0/threaded
HPdes Security Advisory: SSRT051251
HPdes Security Advisory: HPSBMA02159
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
HPdes Security Advisory: SSRT061238
HPdes Security Advisory: HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPdes Security Advisory: SSRT090208
http://www.redhat.com/support/errata/RHSA-2005-761.html
http://www.redhat.com/support/errata/RHSA-2006-0197.html
http://marc.theaimsgroup.com/?l=bugtraq&m=112606064317223&w=2
http://www.redhat.com/support/errata/RHSA-2005-358.html
SCO Security Bulletin: SCOSA-2006.10
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt
SGI Security Advisory: 20060401-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
SuSE Security Announcement: SUSE-SA:2005:051 (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=112605112027335&w=2
SuSE Security Announcement: SUSE-SA:2005:048 (Google Search)
http://www.novell.com/linux/security/advisories/2005_48_pcre.html
SuSE Security Announcement: SUSE-SA:2005:049 (Google Search)
http://www.novell.com/linux/security/advisories/2005_49_php.html
SuSE Security Announcement: SUSE-SA:2005:052 (Google Search)
http://www.novell.com/linux/security/advisories/2005_52_apache2.html
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
http://www.securityfocus.com/bid/14620
http://www.securityfocus.com/bid/15647
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11516
http://www.vupen.com/english/advisories/2005/1511
http://www.vupen.com/english/advisories/2005/2659
http://www.vupen.com/english/advisories/2006/0789
http://www.vupen.com/english/advisories/2006/4320
http://www.vupen.com/english/advisories/2006/4502
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:735
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1496
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1659
http://securitytracker.com/id?1014744
http://secunia.com/advisories/17813
http://secunia.com/advisories/16502
http://secunia.com/advisories/16679
http://secunia.com/advisories/19072
http://secunia.com/advisories/19193
http://secunia.com/advisories/17252
http://secunia.com/advisories/19532
http://secunia.com/advisories/21522
http://secunia.com/advisories/22691
http://secunia.com/advisories/22875
http://securityreason.com/securityalert/604

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55582
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLSA-2005:1025 (python)
Resumen:	Conectiva Security Advisory CLSA-2005:1025 (python)
Descripción:	The remote host is missing updates announced in advisory CLSA-2005:1025. As Python has a private copy of PCRE, this announcement fixes a PCRE integer overflow vulnerability in pcre_compile.c that may allow remote attackers to execute arbitrary code via quantifier values in regular expressions. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001025 http://www.python.org/ http://www.pcre.org/ Risk factor : High
Referencia Cruzada:	BugTraq ID: 15647 BugTraq ID: 14620 Common Vulnerability Exposure (CVE) ID: CVE-2005-2491 http://docs.info.apple.com/article.html?artnum=302847 Debian Security Information: DSA-800 (Google Search) http://www.debian.org/security/2005/dsa-800 Debian Security Information: DSA-817 (Google Search) http://www.debian.org/security/2005/dsa-817 Debian Security Information: DSA-819 (Google Search) http://www.debian.org/security/2005/dsa-819 Debian Security Information: DSA-821 (Google Search) http://www.debian.org/security/2005/dsa-821 http://www.securityfocus.com/archive/1/archive/1/427046/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml HPdes Security Advisory: HPSBUX02074 http://www.securityfocus.com/archive/1/archive/1/428138/100/0/threaded HPdes Security Advisory: SSRT051251 HPdes Security Advisory: HPSBMA02159 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 HPdes Security Advisory: SSRT061238 HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: SSRT090208 http://www.redhat.com/support/errata/RHSA-2005-761.html http://www.redhat.com/support/errata/RHSA-2006-0197.html http://marc.theaimsgroup.com/?l=bugtraq&m=112606064317223&w=2 http://www.redhat.com/support/errata/RHSA-2005-358.html SCO Security Bulletin: SCOSA-2006.10 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt SGI Security Advisory: 20060401-01-U ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 SuSE Security Announcement: SUSE-SA:2005:051 (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112605112027335&w=2 SuSE Security Announcement: SUSE-SA:2005:048 (Google Search) http://www.novell.com/linux/security/advisories/2005_48_pcre.html SuSE Security Announcement: SUSE-SA:2005:049 (Google Search) http://www.novell.com/linux/security/advisories/2005_49_php.html SuSE Security Announcement: SUSE-SA:2005:052 (Google Search) http://www.novell.com/linux/security/advisories/2005_52_apache2.html http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://www.securityfocus.com/bid/14620 http://www.securityfocus.com/bid/15647 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11516 http://www.vupen.com/english/advisories/2005/1511 http://www.vupen.com/english/advisories/2005/2659 http://www.vupen.com/english/advisories/2006/0789 http://www.vupen.com/english/advisories/2006/4320 http://www.vupen.com/english/advisories/2006/4502 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:735 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1496 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1659 http://securitytracker.com/id?1014744 http://secunia.com/advisories/17813 http://secunia.com/advisories/16502 http://secunia.com/advisories/16679 http://secunia.com/advisories/19072 http://secunia.com/advisories/19193 http://secunia.com/advisories/17252 http://secunia.com/advisories/19532 http://secunia.com/advisories/21522 http://secunia.com/advisories/22691 http://secunia.com/advisories/22875 http://securityreason.com/securityalert/604
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com