ID de Prueba:	1.3.6.1.4.1.25623.1.0.56327
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200602-08 (libtasn1)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200602-08.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200602-08. Vulnerability Insight: A flaw in the parsing of Distinguished Encoding Rules (DER) has been discovered in libtasn1, potentially resulting in the execution of arbitrary code. Solution: All libtasn1 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-libs/libtasn1-0.2.18' All GNU TLS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-libs/gnutls-1.2.10' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0645 1015612 http://securitytracker.com/id?1015612 16568 http://www.securityfocus.com/bid/16568 18794 http://secunia.com/advisories/18794 18815 http://secunia.com/advisories/18815 18830 http://secunia.com/advisories/18830 18832 http://secunia.com/advisories/18832 18898 http://secunia.com/advisories/18898 18918 http://secunia.com/advisories/18918 19080 http://secunia.com/advisories/19080 19092 http://secunia.com/advisories/19092 2006-0008 http://www.trustix.org/errata/2006/0008 20060209 ProtoVer SSL: GnuTLS http://www.securityfocus.com/archive/1/424538/100/0/threaded 23054 http://www.osvdb.org/23054 446 http://securityreason.com/securityalert/446 ADV-2006-0496 http://www.vupen.com/english/advisories/2006/0496 DSA-985 http://www.debian.org/security/2006/dsa-985 DSA-986 http://www.debian.org/security/2006/dsa-986 FEDORA-2006-107 http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00043.html GLSA-200602-08 http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml MDKSA-2006:039 http://www.mandriva.com/security/advisories?name=MDKSA-2006:039 RHSA-2006:0207 http://rhn.redhat.com/errata/RHSA-2006-0207.html USN-251-1 https://usn.ubuntu.com/251-1/ [gnutls-dev] 20060209 GnuTLS 1.2.10 - Security release http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001059.html [gnutls-dev] 20060209 GnuTLS 1.3.4 - Experimental - Security release http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001060.html [gnutls-dev] 20060209 Libtasn1 0.2.18 - Tiny ASN.1 Library - Security release http://lists.gnupg.org/pipermail/gnutls-dev/2006-February/001058.html gnutls-libtasn1-der-dos(24606) https://exchange.xforce.ibmcloud.com/vulnerabilities/24606 http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup http://josefsson.org/cgi-bin/viewcvs.cgi/libtasn1/NEWS?root=gnupg-mirror&view=markup http://josefsson.org/gnutls/releases/libtasn1/libtasn1-0.2.18-from-0.2.17.patch http://www.gleg.net/protover_ssl.shtml oval:org.mitre.oval:def:10540 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10540
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.