Debian Local Security Checks : Debian Security Advisory DSA 930-2 (smstools)

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56114

Categoría: Debian Local Security Checks

Título: Debian Security Advisory DSA 930-2 (smstools)

Resumen: Debian Security Advisory DSA 930-2 (smstools)

Descripción: The remote host is missing an update to smstools
announced via advisory DSA 930-2.

Ulf Harnhammar from the Debian Security Audit project discovered a
format string attack in the logging code of smstools, which may be
exploited to execute arbitary code with root privileges.

The original advisory for this issue said that the old stable
distribution (woody) was not affected because it did not contain
smstools. This was incorrect, and the only change in this updated
advisory is the inclusion of corrected packages for woody.

For the old stable distribution (woody) this problem has been fixed in
version 1.5.0-2woody0.

For the stable distribution (sarge) this problem has been fixed in
version 1.14.8-1sarge0.

For the unstable distribution the package will be updated shortly.

We recommend that you upgrade your smstools package.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%20930-2

Referencia Cruzada: BugTraq ID: 16188
Common Vulnerability Exposure (CVE) ID: CVE-2006-0083
Debian Security Information: DSA-930 (Google Search)
http://www.debian.org/security/2005/dsa-930
http://www.securityfocus.com/bid/16188
http://www.osvdb.org/22287
http://secunia.com/advisories/18343
http://secunia.com/advisories/18357
XForce ISS Database: smstools-logging-format-string(24034)
http://xforce.iss.net/xforce/xfdb/24034

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56114
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 930-2 (smstools)
Resumen:	Debian Security Advisory DSA 930-2 (smstools)
Descripción:	The remote host is missing an update to smstools announced via advisory DSA 930-2. Ulf Harnhammar from the Debian Security Audit project discovered a format string attack in the logging code of smstools, which may be exploited to execute arbitary code with root privileges. The original advisory for this issue said that the old stable distribution (woody) was not affected because it did not contain smstools. This was incorrect, and the only change in this updated advisory is the inclusion of corrected packages for woody. For the old stable distribution (woody) this problem has been fixed in version 1.5.0-2woody0. For the stable distribution (sarge) this problem has been fixed in version 1.14.8-1sarge0. For the unstable distribution the package will be updated shortly. We recommend that you upgrade your smstools package. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%20930-2
Referencia Cruzada:	BugTraq ID: 16188 Common Vulnerability Exposure (CVE) ID: CVE-2006-0083 Debian Security Information: DSA-930 (Google Search) http://www.debian.org/security/2005/dsa-930 http://www.securityfocus.com/bid/16188 http://www.osvdb.org/22287 http://secunia.com/advisories/18343 http://secunia.com/advisories/18357 XForce ISS Database: smstools-logging-format-string(24034) http://xforce.iss.net/xforce/xfdb/24034
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com