Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200512-10 (opera)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56024

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200512-10 (opera)

Resumen: The remote host is missing updates announced in;advisory GLSA 200512-10.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200512-10.

Vulnerability Insight:
Lack of URL validation in Opera command-line wrapper could be abused to
execute arbitrary commands.

Solution:
All Opera users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-client/opera-8.51'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-3750
BugTraq ID: 15521
http://www.securityfocus.com/bid/15521
Bugtraq: 20051122 Secunia Research: Opera Command Line URL Shell Command Injection (Google Search)
http://www.securityfocus.com/archive/1/417393/30/0/threaded
http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0677.html
http://www.gentoo.org/security/en/glsa/glsa-200512-10.xml
http://secunia.com/secunia_research/2005-57/advisory/
http://www.osvdb.org/21003
http://securitytracker.com/id?1015253
http://secunia.com/advisories/16907
http://secunia.com/advisories/18111
http://securityreason.com/securityalert/199
SuSE Security Announcement: SUSE-SR:2005:028 (Google Search)
http://www.novell.com/linux/security/advisories/2005_28_sr.html
http://www.vupen.com/english/advisories/2005/2519

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56024
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200512-10 (opera)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200512-10.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200512-10. Vulnerability Insight: Lack of URL validation in Opera command-line wrapper could be abused to execute arbitrary commands. Solution: All Opera users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-client/opera-8.51' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3750 BugTraq ID: 15521 http://www.securityfocus.com/bid/15521 Bugtraq: 20051122 Secunia Research: Opera Command Line URL Shell Command Injection (Google Search) http://www.securityfocus.com/archive/1/417393/30/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0677.html http://www.gentoo.org/security/en/glsa/glsa-200512-10.xml http://secunia.com/secunia_research/2005-57/advisory/ http://www.osvdb.org/21003 http://securitytracker.com/id?1015253 http://secunia.com/advisories/16907 http://secunia.com/advisories/18111 http://securityreason.com/securityalert/199 SuSE Security Announcement: SUSE-SR:2005:028 (Google Search) http://www.novell.com/linux/security/advisories/2005_28_sr.html http://www.vupen.com/english/advisories/2005/2519
Copyright	Copyright (C) 2008 E-Soft Inc.