Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200607-13 (audacious)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57850

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200607-13 (audacious)

Resumen: The remote host is missing updates announced in;advisory GLSA 200607-13.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200607-13.

Vulnerability Insight:
The adplug library included in Audacious is vulnerable to various overflows
that could result in the execution of arbitrary code.

Solution:
All Audacious users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-sound/audacious-1.1.0'

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-3581
BugTraq ID: 18859
http://www.securityfocus.com/bid/18859
Bugtraq: 20060706 Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006) (Google Search)
http://www.securityfocus.com/archive/1/439432/100/100/threaded
http://security.gentoo.org/glsa/glsa-200607-13.xml
http://security.gentoo.org/glsa/glsa-200609-06.xml
http://aluigi.altervista.org/adv/adplugbof-adv.txt
http://www.osvdb.org/27045
http://www.osvdb.org/27046
http://secunia.com/advisories/20972
http://secunia.com/advisories/21238
http://secunia.com/advisories/21295
http://secunia.com/advisories/21869
http://www.vupen.com/english/advisories/2006/2697
XForce ISS Database: adplug-dtm-file-bo(27673)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27673
XForce ISS Database: adplug-s3m-file-bo(27674)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27674
Common Vulnerability Exposure (CVE) ID: CVE-2006-3582
http://www.osvdb.org/27042
http://www.osvdb.org/27043
http://www.osvdb.org/27044
http://www.osvdb.org/27047
XForce ISS Database: adplug-dmo-file-bo(27670)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27670
XForce ISS Database: adplug-u6m-file-bo(27677)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27677

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57850
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200607-13 (audacious)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200607-13.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200607-13. Vulnerability Insight: The adplug library included in Audacious is vulnerable to various overflows that could result in the execution of arbitrary code. Solution: All Audacious users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-sound/audacious-1.1.0' CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3581 BugTraq ID: 18859 http://www.securityfocus.com/bid/18859 Bugtraq: 20060706 Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006) (Google Search) http://www.securityfocus.com/archive/1/439432/100/100/threaded http://security.gentoo.org/glsa/glsa-200607-13.xml http://security.gentoo.org/glsa/glsa-200609-06.xml http://aluigi.altervista.org/adv/adplugbof-adv.txt http://www.osvdb.org/27045 http://www.osvdb.org/27046 http://secunia.com/advisories/20972 http://secunia.com/advisories/21238 http://secunia.com/advisories/21295 http://secunia.com/advisories/21869 http://www.vupen.com/english/advisories/2006/2697 XForce ISS Database: adplug-dtm-file-bo(27673) https://exchange.xforce.ibmcloud.com/vulnerabilities/27673 XForce ISS Database: adplug-s3m-file-bo(27674) https://exchange.xforce.ibmcloud.com/vulnerabilities/27674 Common Vulnerability Exposure (CVE) ID: CVE-2006-3582 http://www.osvdb.org/27042 http://www.osvdb.org/27043 http://www.osvdb.org/27044 http://www.osvdb.org/27047 XForce ISS Database: adplug-dmo-file-bo(27670) https://exchange.xforce.ibmcloud.com/vulnerabilities/27670 XForce ISS Database: adplug-u6m-file-bo(27677) https://exchange.xforce.ibmcloud.com/vulnerabilities/27677
Copyright	Copyright (C) 2008 E-Soft Inc.