Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2006:234 (mono)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57724

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2006:234 (mono)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to mono
announced via advisory MDKSA-2006:234.

XSP (the Mono ASP.NET server) is vulnerable to source disclosure attack
which allow a malicious user to obtain the source code of the
server-side application. This vulnerability grants the attacker deeper
knowledge of the Web application logic.

Updated packages have been patched to correct this issue.

Affected: 2007.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:234

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-6104
BugTraq ID: 21687
http://www.securityfocus.com/bid/21687
Bugtraq: 20061220 Mono XSP ASP.NET Server sourcecode disclosure vulnerability (Google Search)
http://www.securityfocus.com/archive/1/454962/100/0/threaded
http://fedoranews.org/cms/node/2400
http://fedoranews.org/cms/node/2401
http://security.gentoo.org/glsa/glsa-200701-12.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:234
http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092
http://securitytracker.com/id?1017430
http://secunia.com/advisories/23432
http://secunia.com/advisories/23435
http://secunia.com/advisories/23462
http://secunia.com/advisories/23597
http://secunia.com/advisories/23727
http://secunia.com/advisories/23776
http://secunia.com/advisories/23779
http://securityreason.com/securityalert/2082
SuSE Security Announcement: SUSE-SA:2007:002 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html
http://www.ubuntu.com/usn/usn-397-1
http://www.vupen.com/english/advisories/2006/5099

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57724
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:234 (mono)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to mono announced via advisory MDKSA-2006:234. XSP (the Mono ASP.NET server) is vulnerable to source disclosure attack which allow a malicious user to obtain the source code of the server-side application. This vulnerability grants the attacker deeper knowledge of the Web application logic. Updated packages have been patched to correct this issue. Affected: 2007.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:234 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-6104 BugTraq ID: 21687 http://www.securityfocus.com/bid/21687 Bugtraq: 20061220 Mono XSP ASP.NET Server sourcecode disclosure vulnerability (Google Search) http://www.securityfocus.com/archive/1/454962/100/0/threaded http://fedoranews.org/cms/node/2400 http://fedoranews.org/cms/node/2401 http://security.gentoo.org/glsa/glsa-200701-12.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:234 http://www.eazel.es/advisory007-mono-xsp-source-disclosure-vulnerability.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2092 http://securitytracker.com/id?1017430 http://secunia.com/advisories/23432 http://secunia.com/advisories/23435 http://secunia.com/advisories/23462 http://secunia.com/advisories/23597 http://secunia.com/advisories/23727 http://secunia.com/advisories/23776 http://secunia.com/advisories/23779 http://securityreason.com/securityalert/2082 SuSE Security Announcement: SUSE-SA:2007:002 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-Jan/0002.html http://www.ubuntu.com/usn/usn-397-1 http://www.vupen.com/english/advisories/2006/5099
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com