Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200603-05 (zoo)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56366

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200603-05 (zoo)

Resumen: The remote host is missing updates announced in;advisory GLSA 200603-05.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200603-05.

Vulnerability Insight:
A stack-based buffer overflow in zoo may be exploited to execute arbitrary
code through malicious ZOO archives.

Solution:
All zoo users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-arch/zoo-2.10-r1'

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-0855
BugTraq ID: 16790
http://www.securityfocus.com/bid/16790
Bugtraq: 20060223 zoo contains exploitable buffer overflows (Google Search)
http://www.securityfocus.com/archive/1/425887/100/0/threaded
Bugtraq: 20060403 Barracuda ZOO archiver security bug leads to remote compromise (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2006-04/0061.html
Debian Security Information: DSA-991 (Google Search)
http://www.debian.org/security/2006/dsa-991
http://www.gentoo.org/security/en/glsa/glsa-200603-05.xml
http://www.guay-leroux.com/projects/barracuda-advisory-ZOO.txt
http://www.guay-leroux.com/projects/zoo-advisory.txt
http://securitytracker.com/id?1015668
http://securitytracker.com/id?1015866
http://secunia.com/advisories/19002
http://secunia.com/advisories/19130
http://secunia.com/advisories/19148
http://secunia.com/advisories/19166
http://secunia.com/advisories/19408
http://secunia.com/advisories/19514
http://securityreason.com/securityalert/546
SuSE Security Announcement: SUSE-SR:2006:005 (Google Search)
http://www.novell.com/linux/security/advisories/2006_05_sr.html
SuSE Security Announcement: SUSE-SR:2006:006 (Google Search)
http://www.novell.com/linux/security/advisories/2006_06_sr.html
http://www.vupen.com/english/advisories/2006/0705
http://www.vupen.com/english/advisories/2006/1220
XForce ISS Database: zoo-misc-bo(24904)
https://exchange.xforce.ibmcloud.com/vulnerabilities/24904

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56366
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200603-05 (zoo)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200603-05.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200603-05. Vulnerability Insight: A stack-based buffer overflow in zoo may be exploited to execute arbitrary code through malicious ZOO archives. Solution: All zoo users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-arch/zoo-2.10-r1' CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0855 BugTraq ID: 16790 http://www.securityfocus.com/bid/16790 Bugtraq: 20060223 zoo contains exploitable buffer overflows (Google Search) http://www.securityfocus.com/archive/1/425887/100/0/threaded Bugtraq: 20060403 Barracuda ZOO archiver security bug leads to remote compromise (Google Search) http://archives.neohapsis.com/archives/bugtraq/2006-04/0061.html Debian Security Information: DSA-991 (Google Search) http://www.debian.org/security/2006/dsa-991 http://www.gentoo.org/security/en/glsa/glsa-200603-05.xml http://www.guay-leroux.com/projects/barracuda-advisory-ZOO.txt http://www.guay-leroux.com/projects/zoo-advisory.txt http://securitytracker.com/id?1015668 http://securitytracker.com/id?1015866 http://secunia.com/advisories/19002 http://secunia.com/advisories/19130 http://secunia.com/advisories/19148 http://secunia.com/advisories/19166 http://secunia.com/advisories/19408 http://secunia.com/advisories/19514 http://securityreason.com/securityalert/546 SuSE Security Announcement: SUSE-SR:2006:005 (Google Search) http://www.novell.com/linux/security/advisories/2006_05_sr.html SuSE Security Announcement: SUSE-SR:2006:006 (Google Search) http://www.novell.com/linux/security/advisories/2006_06_sr.html http://www.vupen.com/english/advisories/2006/0705 http://www.vupen.com/english/advisories/2006/1220 XForce ISS Database: zoo-misc-bo(24904) https://exchange.xforce.ibmcloud.com/vulnerabilities/24904
Copyright	Copyright (C) 2008 E-Soft Inc.