Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200706-02 (evolution)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58305

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200706-02 (evolution)

Resumen: The remote host is missing updates announced in;advisory GLSA 200706-02.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200706-02.

Vulnerability Insight:
A vulnerability has been discovered in Evolution allowing for the execution
of arbitrary code.

Solution:
All Evolution users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=mail-client/evolution-2.8.3-r2'

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-1002
BugTraq ID: 23073
http://www.securityfocus.com/bid/23073
Bugtraq: 20070321 Secunia Research: Evolution Shared Memo Categories Format StringVulnerability (Google Search)
http://www.securityfocus.com/archive/1/463406/100/0/threaded
Bugtraq: 20070405 FLEA-2007-0010-1: evolution (Google Search)
http://www.securityfocus.com/archive/1/464820/30/7170/threaded
Debian Security Information: DSA-1325 (Google Search)
http://www.debian.org/security/2007/dsa-1325
http://security.gentoo.org/glsa/glsa-200706-02.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:070
http://secunia.com/secunia_research/2007-44/advisory/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10100
RedHat Security Advisories: RHSA-2007:0158
https://rhn.redhat.com/errata/RHSA-2007-0158.html
http://www.securitytracker.com/id?1017808
http://secunia.com/advisories/24234
http://secunia.com/advisories/24651
http://secunia.com/advisories/24668
http://secunia.com/advisories/25102
http://secunia.com/advisories/25551
http://secunia.com/advisories/25880
SuSE Security Announcement: SUSE-SR:2007:015 (Google Search)
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.ubuntu.com/usn/usn-442-1
http://www.vupen.com/english/advisories/2007/1058
XForce ISS Database: evolution-writehtml-format-string(33106)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33106

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58305
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200706-02 (evolution)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200706-02.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200706-02. Vulnerability Insight: A vulnerability has been discovered in Evolution allowing for the execution of arbitrary code. Solution: All Evolution users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/evolution-2.8.3-r2' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1002 BugTraq ID: 23073 http://www.securityfocus.com/bid/23073 Bugtraq: 20070321 Secunia Research: Evolution Shared Memo Categories Format StringVulnerability (Google Search) http://www.securityfocus.com/archive/1/463406/100/0/threaded Bugtraq: 20070405 FLEA-2007-0010-1: evolution (Google Search) http://www.securityfocus.com/archive/1/464820/30/7170/threaded Debian Security Information: DSA-1325 (Google Search) http://www.debian.org/security/2007/dsa-1325 http://security.gentoo.org/glsa/glsa-200706-02.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:070 http://secunia.com/secunia_research/2007-44/advisory/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10100 RedHat Security Advisories: RHSA-2007:0158 https://rhn.redhat.com/errata/RHSA-2007-0158.html http://www.securitytracker.com/id?1017808 http://secunia.com/advisories/24234 http://secunia.com/advisories/24651 http://secunia.com/advisories/24668 http://secunia.com/advisories/25102 http://secunia.com/advisories/25551 http://secunia.com/advisories/25880 SuSE Security Announcement: SUSE-SR:2007:015 (Google Search) http://www.novell.com/linux/security/advisories/2007_15_sr.html http://www.ubuntu.com/usn/usn-442-1 http://www.vupen.com/english/advisories/2007/1058 XForce ISS Database: evolution-writehtml-format-string(33106) https://exchange.xforce.ibmcloud.com/vulnerabilities/33106
Copyright	Copyright (C) 2008 E-Soft Inc.