ID de Prueba:	1.3.6.1.4.1.25623.1.0.58234
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0220
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0220. The gcc packages include C, C++, Java, Fortran 77, Objective C, and Ada 95 GNU compilers and related support libraries. Jürgen Weigert discovered a directory traversal flaw in fastjar. An attacker could create a malicious JAR file which, if unpacked using fastjar, could write to any files the victim had write access to. (CVE-2006-3619) These updated packages also fix several bugs, including: * two debug information generator bugs * two internal compiler errors In addition to this, protoize.1 and unprotoize.1 manual pages have been added to the package and __cxa_get_exception_ptr@@CXXABI_1.3.1 symbol has been added into libstdc++.so.6. For full details regarding all fixed bugs, refer to the package changelog as well as the specified list of bug reports from bugzilla. All users of gcc should upgrade to these updated packages, which contain backported patches to resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0220.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 2.6
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3619 BugTraq ID: 15669 http://www.securityfocus.com/bid/15669 Debian Security Information: DSA-1170 (Google Search) http://www.debian.org/security/2006/dsa-1170 http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://security.gentoo.org/glsa/glsa-200711-23.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:066 http://www.osvdb.org/21337 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9617 http://www.redhat.com/support/errata/RHSA-2007-0220.html RedHat Security Advisories: RHSA-2007:0473 http://rhn.redhat.com/errata/RHSA-2007-0473.html http://www.securitytracker.com/id?1017987 http://secunia.com/advisories/17839 http://secunia.com/advisories/21100 http://secunia.com/advisories/21797 http://secunia.com/advisories/25098 http://secunia.com/advisories/25281 http://secunia.com/advisories/25633 http://secunia.com/advisories/25894 http://secunia.com/advisories/26909 http://secunia.com/advisories/27706 http://secunia.com/advisories/29334 SGI Security Advisory: 20070602-01-P ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc http://www.vupen.com/english/advisories/2005/2686 http://www.vupen.com/english/advisories/2006/2866 http://www.vupen.com/english/advisories/2007/3229 XForce ISS Database: gnugcc-fastjar-directory-traversal(27806) https://exchange.xforce.ibmcloud.com/vulnerabilities/27806
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.