Red Hat Local Security Checks : RedHat Security Advisory RHSA-2006:0541

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56847

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2006:0541

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2006:0541.

The Dia drawing program is designed to draw various types of diagrams.

Several format string flaws were found in the way dia displays certain
messages. If an attacker is able to trick a Dia user into opening a
carefully crafted file, it may be possible to execute arbitrary code as the
user running Dia. (CVE-2006-2453, CVE-2006-2480)

Users of Dia should update to these erratum packages, which contain
backported patches and are not vulnerable to these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2006-0541.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-2453
1016203
http://securitytracker.com/id?1016203
18166
http://www.securityfocus.com/bid/18166
20254
http://secunia.com/advisories/20254
20339
http://secunia.com/advisories/20339
20422
http://secunia.com/advisories/20422
20457
http://secunia.com/advisories/20457
20513
http://secunia.com/advisories/20513
FEDORA-2006-580
http://www.redhat.com/archives/fedora-package-announce/2006-May/msg00119.html
GLSA-200606-03
http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml
MDKSA-2006:093
http://www.mandriva.com/security/advisories?name=MDKSA-2006:093
RHSA-2006:0541
http://www.redhat.com/support/errata/RHSA-2006-0541.html
SUSE-SR:2006:012
http://www.novell.com/linux/security/advisories/2006-06-02.html
USN-286-1
https://usn.ubuntu.com/286-1/
http://www.redhat.com/archives/fedora-security-list/2006-May/msg00099.html
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192830
oval:org.mitre.oval:def:11600
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11600
Common Vulnerability Exposure (CVE) ID: CVE-2006-2480
BugTraq ID: 18078
http://www.securityfocus.com/bid/18078
http://kandangjamur.net/tutorial/dia.txt
http://www.osvdb.org/25699
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11224
http://secunia.com/advisories/20199
SuSE Security Announcement: SUSE-SR:2006:012 (Google Search)
http://www.securityfocus.com/archive/82/433313/30/0/threaded
http://www.vupen.com/english/advisories/2006/1908

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56847
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2006:0541
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2006:0541. The Dia drawing program is designed to draw various types of diagrams. Several format string flaws were found in the way dia displays certain messages. If an attacker is able to trick a Dia user into opening a carefully crafted file, it may be possible to execute arbitrary code as the user running Dia. (CVE-2006-2453, CVE-2006-2480) Users of Dia should update to these erratum packages, which contain backported patches and are not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2006-0541.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2453 1016203 http://securitytracker.com/id?1016203 18166 http://www.securityfocus.com/bid/18166 20254 http://secunia.com/advisories/20254 20339 http://secunia.com/advisories/20339 20422 http://secunia.com/advisories/20422 20457 http://secunia.com/advisories/20457 20513 http://secunia.com/advisories/20513 FEDORA-2006-580 http://www.redhat.com/archives/fedora-package-announce/2006-May/msg00119.html GLSA-200606-03 http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml MDKSA-2006:093 http://www.mandriva.com/security/advisories?name=MDKSA-2006:093 RHSA-2006:0541 http://www.redhat.com/support/errata/RHSA-2006-0541.html SUSE-SR:2006:012 http://www.novell.com/linux/security/advisories/2006-06-02.html USN-286-1 https://usn.ubuntu.com/286-1/ http://www.redhat.com/archives/fedora-security-list/2006-May/msg00099.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192830 oval:org.mitre.oval:def:11600 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11600 Common Vulnerability Exposure (CVE) ID: CVE-2006-2480 BugTraq ID: 18078 http://www.securityfocus.com/bid/18078 http://kandangjamur.net/tutorial/dia.txt http://www.osvdb.org/25699 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11224 http://secunia.com/advisories/20199 SuSE Security Announcement: SUSE-SR:2006:012 (Google Search) http://www.securityfocus.com/archive/82/433313/30/0/threaded http://www.vupen.com/english/advisories/2006/1908
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com