Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200512-16 (openmotif)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56073

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200512-16 (openmotif)

Resumen: The remote host is missing updates announced in;advisory GLSA 200512-16.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200512-16.

Vulnerability Insight:
Two buffer overflows have been discovered in libUil, part of the OpenMotif
toolkit, that can potentially lead to the execution of arbitrary code.

Solution:
All OpenMotif users should upgrade to an unaffected version:

# emerge --sync
# emerge --ask --oneshot --verbose x11-libs/openmotif

All AMD64 x86 emulation X libraries users should upgrade to the latest
version:

# emerge --sync
# emerge --ask --oneshot --verbose app-emulation/emul-linux-x86-xlibs

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-3964
1015303
http://securitytracker.com/id?1015303
15684
http://www.securityfocus.com/bid/15684
15686
http://www.securityfocus.com/bid/15686
20051201 [xfocus-SD-051202]openMotif-libUil-Multiple_vulnerability
http://marc.info/?l=full-disclosure&m=113349242925897&w=2
20051202 [xfocus-SD-051202]openMotif libUil Multiple vulnerability
http://www.securityfocus.com/archive/1/418459/100/0/threaded
ADV-2005-2709
http://www.vupen.com/english/advisories/2005/2709
RHSA-2006:0272
http://www.redhat.com/support/errata/RHSA-2006-0272.html
RHSA-2008:0261
http://www.redhat.com/support/errata/RHSA-2008-0261.html
openmotif-diagissuediagnostic-bo(23388)
https://exchange.xforce.ibmcloud.com/vulnerabilities/23388
openmotif-opensourcefile-bo(23389)
https://exchange.xforce.ibmcloud.com/vulnerabilities/23389
oval:org.mitre.oval:def:9393
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9393

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56073
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200512-16 (openmotif)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200512-16.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200512-16. Vulnerability Insight: Two buffer overflows have been discovered in libUil, part of the OpenMotif toolkit, that can potentially lead to the execution of arbitrary code. Solution: All OpenMotif users should upgrade to an unaffected version: # emerge --sync # emerge --ask --oneshot --verbose x11-libs/openmotif All AMD64 x86 emulation X libraries users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose app-emulation/emul-linux-x86-xlibs CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3964 1015303 http://securitytracker.com/id?1015303 15684 http://www.securityfocus.com/bid/15684 15686 http://www.securityfocus.com/bid/15686 20051201 [xfocus-SD-051202]openMotif-libUil-Multiple_vulnerability http://marc.info/?l=full-disclosure&m=113349242925897&w=2 20051202 [xfocus-SD-051202]openMotif libUil Multiple vulnerability http://www.securityfocus.com/archive/1/418459/100/0/threaded ADV-2005-2709 http://www.vupen.com/english/advisories/2005/2709 RHSA-2006:0272 http://www.redhat.com/support/errata/RHSA-2006-0272.html RHSA-2008:0261 http://www.redhat.com/support/errata/RHSA-2008-0261.html openmotif-diagissuediagnostic-bo(23388) https://exchange.xforce.ibmcloud.com/vulnerabilities/23388 openmotif-opensourcefile-bo(23389) https://exchange.xforce.ibmcloud.com/vulnerabilities/23389 oval:org.mitre.oval:def:9393 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9393
Copyright	Copyright (C) 2008 E-Soft Inc.