Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200701-24 (vlc)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57984

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200701-24 (vlc)

Resumen: The remote host is missing updates announced in;advisory GLSA 200701-24.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200701-24.

Vulnerability Insight:
VLC media player improperly handles format strings, allowing for the
execution of arbitrary code.

Solution:
All VLC media player users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-video/vlc-0.8.6-r1'

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-0017
BugTraq ID: 21852
http://www.securityfocus.com/bid/21852
Debian Security Information: DSA-1252 (Google Search)
http://www.debian.org/security/2007/dsa-1252
http://security.gentoo.org/glsa/glsa-200701-24.xml
http://applefun.blogspot.com/2007/01/moab-02-01-2007-vlc-media-player-udp.html
http://landonf.bikemonkey.org/code/macosx/MOAB_Day_2.20070103045559.6753.timor.html
http://projects.info-pull.com/moab/MOAB-02-01-2007.html
http://www.via.ecp.fr/via/ml/vlc-devel/2007-01/msg00005.html
http://osvdb.org/31163
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14313
http://securitytracker.com/id?1017464
http://secunia.com/advisories/23592
http://secunia.com/advisories/23829
http://secunia.com/advisories/23910
http://secunia.com/advisories/23971
SuSE Security Announcement: SUSE-SA:2007:013 (Google Search)
http://www.novell.com/linux/security/advisories/2007_13_xine.html
http://www.vupen.com/english/advisories/2007/0026
XForce ISS Database: vlcmediaplayer-udp-format-string(31226)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31226

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57984
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200701-24 (vlc)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200701-24.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200701-24. Vulnerability Insight: VLC media player improperly handles format strings, allowing for the execution of arbitrary code. Solution: All VLC media player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-video/vlc-0.8.6-r1' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0017 BugTraq ID: 21852 http://www.securityfocus.com/bid/21852 Debian Security Information: DSA-1252 (Google Search) http://www.debian.org/security/2007/dsa-1252 http://security.gentoo.org/glsa/glsa-200701-24.xml http://applefun.blogspot.com/2007/01/moab-02-01-2007-vlc-media-player-udp.html http://landonf.bikemonkey.org/code/macosx/MOAB_Day_2.20070103045559.6753.timor.html http://projects.info-pull.com/moab/MOAB-02-01-2007.html http://www.via.ecp.fr/via/ml/vlc-devel/2007-01/msg00005.html http://osvdb.org/31163 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14313 http://securitytracker.com/id?1017464 http://secunia.com/advisories/23592 http://secunia.com/advisories/23829 http://secunia.com/advisories/23910 http://secunia.com/advisories/23971 SuSE Security Announcement: SUSE-SA:2007:013 (Google Search) http://www.novell.com/linux/security/advisories/2007_13_xine.html http://www.vupen.com/english/advisories/2007/0026 XForce ISS Database: vlcmediaplayer-udp-format-string(31226) https://exchange.xforce.ibmcloud.com/vulnerabilities/31226
Copyright	Copyright (C) 2008 E-Soft Inc.