ID de Prueba:	1.3.6.1.4.1.25623.1.0.56125
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2006:0156
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2006:0156. Ethereal is a program for monitoring network traffic. Two denial of service bugs were found in Ethereal's IRC and GTP protocol dissectors. Ethereal could crash or stop responding if it reads a malformed IRC or GTP packet off the network. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the names CVE-2005-3313 and CVE-2005-4585 to these issues. A buffer overflow bug was found in Ethereal's OSPF protocol dissector. Ethereal could crash or execute arbitrary code if it reads a malformed OSPF packet off the network. (CVE-2005-3651) Users of ethereal should upgrade to these updated packages containing version 0.10.14, which is not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2006-0156.html Risk factor : High CVSS Score: 7.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3313 BugTraq ID: 15219 http://www.securityfocus.com/bid/15219 http://www.gentoo.org/security/en/glsa/glsa-200510-25.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10616 http://www.redhat.com/support/errata/RHSA-2006-0156.html http://securitytracker.com/id?1015414 http://secunia.com/advisories/17370 http://secunia.com/advisories/17377 http://secunia.com/advisories/17480 http://secunia.com/advisories/18331 http://secunia.com/advisories/18426 http://secunia.com/advisories/18911 http://secunia.com/advisories/19130 http://secunia.com/advisories/19230 SGI Security Advisory: 20060201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U SuSE Security Announcement: SUSE-SR:2005:025 (Google Search) http://www.novell.com/linux/security/advisories/2005_25_sr.html SuSE Security Announcement: SUSE-SR:2006:005 (Google Search) http://www.novell.com/linux/security/advisories/2006_05_sr.html Common Vulnerability Exposure (CVE) ID: CVE-2005-3651 BugTraq ID: 15794 http://www.securityfocus.com/bid/15794 Debian Security Information: DSA-920 (Google Search) http://www.debian.org/security/2005/dsa-920 http://www.gentoo.org/security/en/glsa/glsa-200512-06.xml http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities http://www.mandriva.com/security/advisories?name=MDKSA-2005:227 http://www.mandriva.com/security/advisories?name=MDKSA-2006:002 http://anonsvn.ethereal.com/viewcvs/viewcvs.py/trunk/epan/dissectors/packet-ospf.c https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11286 http://securitytracker.com/id?1015337 http://secunia.com/advisories/17973 http://secunia.com/advisories/18012 http://secunia.com/advisories/18062 http://secunia.com/advisories/19012 http://securityreason.com/securityalert/247 SuSE Security Announcement: SUSE-SR:2006:004 (Google Search) http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html http://www.vupen.com/english/advisories/2005/2830 Common Vulnerability Exposure (CVE) ID: CVE-2005-4585 BugTraq ID: 16076 http://www.securityfocus.com/bid/16076 http://www.osvdb.org/22092 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9678 http://secunia.com/advisories/18229 http://securityreason.com/securityalert/304 http://www.vupen.com/english/advisories/2005/3095 XForce ISS Database: ethereal-gtp-dissector-dos(23849) https://exchange.xforce.ibmcloud.com/vulnerabilities/23849
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.