Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200612-04 (libmodplug)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57943

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200612-04 (libmodplug)

Resumen: The remote host is missing updates announced in;advisory GLSA 200612-04.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200612-04.

Vulnerability Insight:
ModPlug contains several boundary errors that could lead to buffer
overflows resulting in the possible execution of arbitrary code.

Solution:
All ModPlug users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/libmodplug-0.8-r1'

CVSS Score:
5.1

CVSS Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-4192
BugTraq ID: 19448
http://www.securityfocus.com/bid/19448
Bugtraq: 20060809 Stack and heap overflows in MODPlug Tracker/OpenMPT 1.17.02.43 and libmodplug 0.8 (Google Search)
http://www.securityfocus.com/archive/1/442721/100/100/threaded
http://security.gentoo.org/glsa/glsa-200612-04.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:001
http://aluigi.altervista.org/adv/mptho-adv.txt
RedHat Security Advisories: RHSA-2011:0477
https://rhn.redhat.com/errata/RHSA-2011-0477.html
http://secunia.com/advisories/21418
http://secunia.com/advisories/22080
http://secunia.com/advisories/22658
http://secunia.com/advisories/23294
http://secunia.com/advisories/23555
http://secunia.com/advisories/26979
http://securityreason.com/securityalert/1397
SuSE Security Announcement: SUSE-SR:2006:023 (Google Search)
http://www.novell.com/linux/security/advisories/2006_23_sr.html
http://www.ubuntu.com/usn/usn-521-1
http://www.vupen.com/english/advisories/2006/3231
http://www.vupen.com/english/advisories/2006/4310
XForce ISS Database: openmpt-loadit-bo(28305)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28305
XForce ISS Database: openmpt-readsample-bo(28309)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28309

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57943
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200612-04 (libmodplug)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200612-04.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200612-04. Vulnerability Insight: ModPlug contains several boundary errors that could lead to buffer overflows resulting in the possible execution of arbitrary code. Solution: All ModPlug users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/libmodplug-0.8-r1' CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4192 BugTraq ID: 19448 http://www.securityfocus.com/bid/19448 Bugtraq: 20060809 Stack and heap overflows in MODPlug Tracker/OpenMPT 1.17.02.43 and libmodplug 0.8 (Google Search) http://www.securityfocus.com/archive/1/442721/100/100/threaded http://security.gentoo.org/glsa/glsa-200612-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:001 http://aluigi.altervista.org/adv/mptho-adv.txt RedHat Security Advisories: RHSA-2011:0477 https://rhn.redhat.com/errata/RHSA-2011-0477.html http://secunia.com/advisories/21418 http://secunia.com/advisories/22080 http://secunia.com/advisories/22658 http://secunia.com/advisories/23294 http://secunia.com/advisories/23555 http://secunia.com/advisories/26979 http://securityreason.com/securityalert/1397 SuSE Security Announcement: SUSE-SR:2006:023 (Google Search) http://www.novell.com/linux/security/advisories/2006_23_sr.html http://www.ubuntu.com/usn/usn-521-1 http://www.vupen.com/english/advisories/2006/3231 http://www.vupen.com/english/advisories/2006/4310 XForce ISS Database: openmpt-loadit-bo(28305) https://exchange.xforce.ibmcloud.com/vulnerabilities/28305 XForce ISS Database: openmpt-readsample-bo(28309) https://exchange.xforce.ibmcloud.com/vulnerabilities/28309
Copyright	Copyright (C) 2008 E-Soft Inc.