Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200512-02 (webmin usermin)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55975

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200512-02 (webmin usermin)

Resumen: The remote host is missing updates announced in;advisory GLSA 200512-02.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200512-02.

Vulnerability Insight:
Webmin and Usermin are vulnerable to a format string vulnerability which
may lead to the execution of arbitrary code.

Solution:
All Webmin users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-admin/webmin-1.250'

All Usermin users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-admin/usermin-1.180'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-3912
Bugtraq: 20051129 Webmin miniserv.pl format string vulnerability (Google Search)
http://www.securityfocus.com/archive/1/418093/100/0/threaded
Debian Security Information: DSA-1199 (Google Search)
http://www.debian.org/security/2006/dsa-1199
http://www.gentoo.org/security/en/glsa/glsa-200512-02.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:223
http://www.dyadsecurity.com/webmin-0001.html
http://lists.immunitysec.com/pipermail/dailydave/2005-November/002685.html
http://secunia.com/advisories/17749
http://secunia.com/advisories/17817
http://secunia.com/advisories/17878
http://secunia.com/advisories/17942
http://secunia.com/advisories/18101
http://secunia.com/advisories/22556
SuSE Security Announcement: SUSE-SR:2005:030 (Google Search)
http://www.novell.com/linux/security/advisories/2005_30_sr.html
http://www.vupen.com/english/advisories/2005/2660

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55975
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200512-02 (webmin usermin)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200512-02.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200512-02. Vulnerability Insight: Webmin and Usermin are vulnerable to a format string vulnerability which may lead to the execution of arbitrary code. Solution: All Webmin users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-admin/webmin-1.250' All Usermin users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-admin/usermin-1.180' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3912 Bugtraq: 20051129 Webmin miniserv.pl format string vulnerability (Google Search) http://www.securityfocus.com/archive/1/418093/100/0/threaded Debian Security Information: DSA-1199 (Google Search) http://www.debian.org/security/2006/dsa-1199 http://www.gentoo.org/security/en/glsa/glsa-200512-02.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:223 http://www.dyadsecurity.com/webmin-0001.html http://lists.immunitysec.com/pipermail/dailydave/2005-November/002685.html http://secunia.com/advisories/17749 http://secunia.com/advisories/17817 http://secunia.com/advisories/17878 http://secunia.com/advisories/17942 http://secunia.com/advisories/18101 http://secunia.com/advisories/22556 SuSE Security Announcement: SUSE-SR:2005:030 (Google Search) http://www.novell.com/linux/security/advisories/2005_30_sr.html http://www.vupen.com/english/advisories/2005/2660
Copyright	Copyright (C) 2008 E-Soft Inc.