FreeBSD Local Security Checks : FreeBSD Ports: kaffeine

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56511

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: kaffeine

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: kaffeine

CVE-2006-0051
Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through
0.7.1 allows user-complicit attackers to execute arbitrary code via
long HTTP request headers when Kaffeine is 'fetching remote
playlists', which triggers the overflow in the http_peek function.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-0051
BugTraq ID: 17372
http://www.securityfocus.com/bid/17372
Bugtraq: 20060405 [Kaffeine Security Advisory] Heap based buffer overflow in http_peek() (Google Search)
http://www.securityfocus.com/archive/1/430319/100/0/threaded
Debian Security Information: DSA-1023 (Google Search)
http://www.debian.org/security/2006/dsa-1023
http://www.gentoo.org/security/en/glsa/glsa-200604-04.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:065
http://securitytracker.com/id?1015863
http://secunia.com/advisories/19525
http://secunia.com/advisories/19540
http://secunia.com/advisories/19542
http://secunia.com/advisories/19549
http://secunia.com/advisories/19557
http://secunia.com/advisories/19571
SuSE Security Announcement: SUSE-SR:2006:008 (Google Search)
http://www.novell.com/linux/security/advisories/2006_08_sr.html
https://usn.ubuntu.com/268-1/
http://www.vupen.com/english/advisories/2006/1229
XForce ISS Database: kaffeine-http-peek-bo(25631)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25631

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56511
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: kaffeine
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: kaffeine CVE-2006-0051 Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-complicit attackers to execute arbitrary code via long HTTP request headers when Kaffeine is 'fetching remote playlists', which triggers the overflow in the http_peek function. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0051 BugTraq ID: 17372 http://www.securityfocus.com/bid/17372 Bugtraq: 20060405 [Kaffeine Security Advisory] Heap based buffer overflow in http_peek() (Google Search) http://www.securityfocus.com/archive/1/430319/100/0/threaded Debian Security Information: DSA-1023 (Google Search) http://www.debian.org/security/2006/dsa-1023 http://www.gentoo.org/security/en/glsa/glsa-200604-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:065 http://securitytracker.com/id?1015863 http://secunia.com/advisories/19525 http://secunia.com/advisories/19540 http://secunia.com/advisories/19542 http://secunia.com/advisories/19549 http://secunia.com/advisories/19557 http://secunia.com/advisories/19571 SuSE Security Announcement: SUSE-SR:2006:008 (Google Search) http://www.novell.com/linux/security/advisories/2006_08_sr.html https://usn.ubuntu.com/268-1/ http://www.vupen.com/english/advisories/2006/1229 XForce ISS Database: kaffeine-http-peek-bo(25631) https://exchange.xforce.ibmcloud.com/vulnerabilities/25631
Copyright	Copyright (C) 2008 E-Soft Inc.