Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200603-10 (cube)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56418

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200603-10 (cube)

Resumen: The remote host is missing updates announced in;advisory GLSA 200603-10.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200603-10.

Vulnerability Insight:
Cube is vulnerable to a buffer overflow, invalid memory access and remote
client crashes, possibly leading to a Denial of Service or remote code
execution.

Solution:
Upstream stated that there will be no fixed version of Cube, thus the
Gentoo Security Team decided to hardmask Cube for security reasons. All
Cube users are encouraged to uninstall Cube:

# emerge --ask --unmerge games-fps/cube

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-1100
BugTraq ID: 16986
http://www.securityfocus.com/bid/16986
Bugtraq: 20060306 Multiple vulnerabilities in Cube engine 2005_08_29 (Google Search)
http://www.securityfocus.com/archive/1/426867/100/0/threaded
Bugtraq: 20060306 Multiple vulnerabilities in Sauerbraten engine 2006_02_28 (Google Search)
http://www.securityfocus.com/archive/1/426865/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200603-10.xml
http://aluigi.altervista.org/adv/evilcube-adv.txt
http://secunia.com/advisories/19110
http://secunia.com/advisories/19111
http://secunia.com/advisories/19199
http://www.vupen.com/english/advisories/2006/0847
http://www.vupen.com/english/advisories/2006/0848
XForce ISS Database: sauerbraten-sgetstr-bo(25083)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25083
Common Vulnerability Exposure (CVE) ID: CVE-2006-1101
XForce ISS Database: sauerbraten-multiple-dos(25085)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25085
Common Vulnerability Exposure (CVE) ID: CVE-2006-1102
http://securityreason.com/securityalert/548
XForce ISS Database: sauerbraten-sprintf-dos(25086)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25086

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56418
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200603-10 (cube)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200603-10.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200603-10. Vulnerability Insight: Cube is vulnerable to a buffer overflow, invalid memory access and remote client crashes, possibly leading to a Denial of Service or remote code execution. Solution: Upstream stated that there will be no fixed version of Cube, thus the Gentoo Security Team decided to hardmask Cube for security reasons. All Cube users are encouraged to uninstall Cube: # emerge --ask --unmerge games-fps/cube CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-1100 BugTraq ID: 16986 http://www.securityfocus.com/bid/16986 Bugtraq: 20060306 Multiple vulnerabilities in Cube engine 2005_08_29 (Google Search) http://www.securityfocus.com/archive/1/426867/100/0/threaded Bugtraq: 20060306 Multiple vulnerabilities in Sauerbraten engine 2006_02_28 (Google Search) http://www.securityfocus.com/archive/1/426865/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200603-10.xml http://aluigi.altervista.org/adv/evilcube-adv.txt http://secunia.com/advisories/19110 http://secunia.com/advisories/19111 http://secunia.com/advisories/19199 http://www.vupen.com/english/advisories/2006/0847 http://www.vupen.com/english/advisories/2006/0848 XForce ISS Database: sauerbraten-sgetstr-bo(25083) https://exchange.xforce.ibmcloud.com/vulnerabilities/25083 Common Vulnerability Exposure (CVE) ID: CVE-2006-1101 XForce ISS Database: sauerbraten-multiple-dos(25085) https://exchange.xforce.ibmcloud.com/vulnerabilities/25085 Common Vulnerability Exposure (CVE) ID: CVE-2006-1102 http://securityreason.com/securityalert/548 XForce ISS Database: sauerbraten-sprintf-dos(25086) https://exchange.xforce.ibmcloud.com/vulnerabilities/25086
Copyright	Copyright (C) 2008 E-Soft Inc.