ID de Prueba:	1.3.6.1.4.1.25623.1.0.56035
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:875
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:875. cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict servers, using any of the supported protocols. Stefan Esser discovered an off-by-one bug in curl. It may be possible to execute arbitrary code on a user's machine if the user can be tricked into executing curl with a carefully crafted URL. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-4077 to this issue. All users of curl are advised to upgrade to these updated packages, which contain a backported patch that resolves this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-875.html Risk factor : Medium CVSS Score: 4.6
Referencia Cruzada:	BugTraq ID: 17951 BugTraq ID: 15756 Common Vulnerability Exposure (CVE) ID: CVE-2005-4077 http://lists.apple.com/archives/security-announce/2006/May/msg00003.html http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://www.securityfocus.com/bid/15756 http://www.securityfocus.com/bid/17951 Bugtraq: 20051207 Advisory 24/2005: libcurl URL parsing vulnerability (Google Search) http://www.securityfocus.com/archive/1/418849/100/0/threaded Cert/CC Advisory: TA06-132A http://www.us-cert.gov/cas/techalerts/TA06-132A.html Debian Security Information: DSA-919 (Google Search) http://www.debian.org/security/2005/dsa-919 http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00020.html http://www.gentoo.org/security/en/glsa/glsa-200512-09.xml http://www.gentoo.org/security/en/glsa/glsa-200603-25.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:224 http://qa.openoffice.org/issues/show_bug.cgi?id=59032 http://www.hardened-php.net/advisory_242005.109.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10855 http://www.redhat.com/support/errata/RHSA-2005-875.html SCO Security Bulletin: SCOSA-2006.16 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.16/SCOSA-2006.16.txt http://secunia.com/advisories/17907 http://secunia.com/advisories/17960 http://secunia.com/advisories/17961 http://secunia.com/advisories/17965 http://secunia.com/advisories/17977 http://secunia.com/advisories/18105 http://secunia.com/advisories/18188 http://secunia.com/advisories/18336 http://secunia.com/advisories/19261 http://secunia.com/advisories/19433 http://secunia.com/advisories/19457 http://secunia.com/advisories/20077 http://www.trustix.org/errata/2005/0072/ https://usn.ubuntu.com/228-1/ http://www.vupen.com/english/advisories/2005/2791 http://www.vupen.com/english/advisories/2006/0960 http://www.vupen.com/english/advisories/2006/1779 http://www.vupen.com/english/advisories/2008/0924/references
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.