 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.58483 |
| Categoría: | Red Hat Local Security Checks |
| Título: | RedHat Security Advisory RHSA-2007:0765 |
| Resumen: | NOSUMMARY |
| Descripción: | Description: The remote host is missing updates announced in advisory RHSA-2007:0765. The libgtop2 package contains a library for obtaining information about a running system, such as cpu, memory and disk usage active processes and PIDs. A flaw was found in the way libgtop2 handled long filenames mapped into the address space of a process. An attacker could execute arbitrary code on behalf of the user running gnome-system-monitor by executing a process and mapping a file with a specially crafted name into the processes' address space. (CVE-2007-0235) This update also fixes the following bug: * when a version of libgtop2 compiled to run on a 32-bit architecture was used to inspect a process running in 64-bit mode, it failed to report certain information regarding address space mapping correctly. All users of gnome-system-monitor are advised to upgrade to this updated libgtop2 package, which contains backported patches that resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0765.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 3.7 |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-0235 BugTraq ID: 22054 http://www.securityfocus.com/bid/22054 Debian Security Information: DSA-1255 (Google Search) http://www.debian.org/security/2007/dsa-1255 http://security.gentoo.org/glsa/glsa-200701-17.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:023 https://launchpad.net/bugs/79206 http://osvdb.org/32815 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10720 http://www.redhat.com/support/errata/RHSA-2007-0765.html http://www.securitytracker.com/id?1018526 http://secunia.com/advisories/23736 http://secunia.com/advisories/23777 http://secunia.com/advisories/23814 http://secunia.com/advisories/23840 http://secunia.com/advisories/23872 http://secunia.com/advisories/24015 http://secunia.com/advisories/26367 http://www.ubuntu.com/usn/usn-407-1 http://www.vupen.com/english/advisories/2007/0185 http://www.vupen.com/english/advisories/2007/0187 XForce ISS Database: libgtop2-glibtopbo(31522) https://exchange.xforce.ibmcloud.com/vulnerabilities/31522 |
| Copyright | Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |