Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200604-09 (cyrus-sasl)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56626

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200604-09 (cyrus-sasl)

Resumen: The remote host is missing updates announced in;advisory GLSA 200604-09.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200604-09.

Vulnerability Insight:
Cyrus-SASL contains a vulnerability in the DIGEST-MD5 process that could
lead to a Denial of Service.

Solution:
All Cyrus-SASL users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-libs/cyrus-sasl-2.1.21-r2'

CVSS Score:
2.6

CVSS Vector:
AV:N/AC:H/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-1721
http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
BugTraq ID: 17446
http://www.securityfocus.com/bid/17446
Bugtraq: 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues (Google Search)
http://www.securityfocus.com/archive/1/493080/100/0/threaded
Debian Security Information: DSA-1042 (Google Search)
http://www.debian.org/security/2006/dsa-1042
http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044992.html
http://www.gentoo.org/security/en/glsa/glsa-200604-09.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:073
http://labs.musecurity.com/advisories/MU-200604-01.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9861
http://www.redhat.com/support/errata/RHSA-2007-0795.html
http://www.redhat.com/support/errata/RHSA-2007-0878.html
http://securitytracker.com/id?1016960
http://secunia.com/advisories/19618
http://secunia.com/advisories/19753
http://secunia.com/advisories/19809
http://secunia.com/advisories/19825
http://secunia.com/advisories/19964
http://secunia.com/advisories/20014
http://secunia.com/advisories/22187
http://secunia.com/advisories/26708
http://secunia.com/advisories/26857
http://secunia.com/advisories/27237
http://secunia.com/advisories/30535
SGI Security Advisory: 20070901-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc
SuSE Security Announcement: SUSE-SA:2006:025 (Google Search)
http://www.novell.com/linux/security/advisories/2006_05_05.html
http://www.trustix.org/errata/2006/0024
https://usn.ubuntu.com/272-1/
http://www.vupen.com/english/advisories/2006/1306
http://www.vupen.com/english/advisories/2006/3852
http://www.vupen.com/english/advisories/2008/1744
XForce ISS Database: cyrus-sasl-digest-dos(25738)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25738

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56626
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200604-09 (cyrus-sasl)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200604-09.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200604-09. Vulnerability Insight: Cyrus-SASL contains a vulnerability in the DIGEST-MD5 process that could lead to a Denial of Service. Solution: All Cyrus-SASL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-libs/cyrus-sasl-2.1.21-r2' CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-1721 http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html BugTraq ID: 17446 http://www.securityfocus.com/bid/17446 Bugtraq: 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues (Google Search) http://www.securityfocus.com/archive/1/493080/100/0/threaded Debian Security Information: DSA-1042 (Google Search) http://www.debian.org/security/2006/dsa-1042 http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044992.html http://www.gentoo.org/security/en/glsa/glsa-200604-09.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:073 http://labs.musecurity.com/advisories/MU-200604-01.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9861 http://www.redhat.com/support/errata/RHSA-2007-0795.html http://www.redhat.com/support/errata/RHSA-2007-0878.html http://securitytracker.com/id?1016960 http://secunia.com/advisories/19618 http://secunia.com/advisories/19753 http://secunia.com/advisories/19809 http://secunia.com/advisories/19825 http://secunia.com/advisories/19964 http://secunia.com/advisories/20014 http://secunia.com/advisories/22187 http://secunia.com/advisories/26708 http://secunia.com/advisories/26857 http://secunia.com/advisories/27237 http://secunia.com/advisories/30535 SGI Security Advisory: 20070901-01-P ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc SuSE Security Announcement: SUSE-SA:2006:025 (Google Search) http://www.novell.com/linux/security/advisories/2006_05_05.html http://www.trustix.org/errata/2006/0024 https://usn.ubuntu.com/272-1/ http://www.vupen.com/english/advisories/2006/1306 http://www.vupen.com/english/advisories/2006/3852 http://www.vupen.com/english/advisories/2008/1744 XForce ISS Database: cyrus-sasl-digest-dos(25738) https://exchange.xforce.ibmcloud.com/vulnerabilities/25738
Copyright	Copyright (C) 2008 E-Soft Inc.