Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200610-09 (libmusicbrainz)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57907

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200610-09 (libmusicbrainz)

Resumen: The remote host is missing updates announced in;advisory GLSA 200610-09.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200610-09.

Vulnerability Insight:
Multiple buffer overflows have been found in libmusicbrainz, which could
lead to a Denial of Service or possibly the execution of arbitrary code.

Solution:
All libmusicbrainz users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/musicbrainz-2.1.4'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-4197
BugTraq ID: 19508
http://www.securityfocus.com/bid/19508
Bugtraq: 20060813 Multiple buffer-overflows in libmusicbrainz 2.1.2 (Google Search)
http://www.securityfocus.com/archive/1/443205/100/0/threaded
Bugtraq: 20060830 rPSA-2006-0161-1 libmusicbrainz (Google Search)
http://www.securityfocus.com/archive/1/444843/100/0/threaded
Debian Security Information: DSA-1162 (Google Search)
http://www.debian.org/security/2006/dsa-1162
http://security.gentoo.org/glsa/glsa-200610-09.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:157
http://aluigi.altervista.org/adv/brainzbof-adv.txt
http://securitytracker.com/id?1016691
http://secunia.com/advisories/21404
http://secunia.com/advisories/21668
http://secunia.com/advisories/21699
http://secunia.com/advisories/22191
http://secunia.com/advisories/22393
http://secunia.com/advisories/22517
http://secunia.com/advisories/22639
http://securityreason.com/securityalert/1399
SuSE Security Announcement: SUSE-SR:2006:025 (Google Search)
http://www.novell.com/linux/security/advisories/2006_25_sr.html
http://www.ubuntu.com/usn/usn-363-1
XForce ISS Database: libmusicbrainz-mbhttpdownload-bo(28367)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28367
XForce ISS Database: libmusicbrainz-rdfparse-bo(28368)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28368

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57907
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200610-09 (libmusicbrainz)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200610-09.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200610-09. Vulnerability Insight: Multiple buffer overflows have been found in libmusicbrainz, which could lead to a Denial of Service or possibly the execution of arbitrary code. Solution: All libmusicbrainz users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/musicbrainz-2.1.4' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4197 BugTraq ID: 19508 http://www.securityfocus.com/bid/19508 Bugtraq: 20060813 Multiple buffer-overflows in libmusicbrainz 2.1.2 (Google Search) http://www.securityfocus.com/archive/1/443205/100/0/threaded Bugtraq: 20060830 rPSA-2006-0161-1 libmusicbrainz (Google Search) http://www.securityfocus.com/archive/1/444843/100/0/threaded Debian Security Information: DSA-1162 (Google Search) http://www.debian.org/security/2006/dsa-1162 http://security.gentoo.org/glsa/glsa-200610-09.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:157 http://aluigi.altervista.org/adv/brainzbof-adv.txt http://securitytracker.com/id?1016691 http://secunia.com/advisories/21404 http://secunia.com/advisories/21668 http://secunia.com/advisories/21699 http://secunia.com/advisories/22191 http://secunia.com/advisories/22393 http://secunia.com/advisories/22517 http://secunia.com/advisories/22639 http://securityreason.com/securityalert/1399 SuSE Security Announcement: SUSE-SR:2006:025 (Google Search) http://www.novell.com/linux/security/advisories/2006_25_sr.html http://www.ubuntu.com/usn/usn-363-1 XForce ISS Database: libmusicbrainz-mbhttpdownload-bo(28367) https://exchange.xforce.ibmcloud.com/vulnerabilities/28367 XForce ISS Database: libmusicbrainz-rdfparse-bo(28368) https://exchange.xforce.ibmcloud.com/vulnerabilities/28368
Copyright	Copyright (C) 2008 E-Soft Inc.