Red Hat Local Security Checks : RedHat Security Advisory RHSA-2007:0087

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58875

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2007:0087

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2007:0087.

Ekiga is a tool to communicate with video and audio over the Internet.

Format string flaws were found in the way Ekiga processes certain messages.
If a user is running Ekiga, a remote attacker who can connect to Ekiga
could trigger this flaw and potentially execute arbitrary code with the
privileges of the user. (CVE-2007-0999, CVE-2007-1006)

Users of Ekiga should upgrade to these updated packages which contain a
backported patch to correct this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0087.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : Critical

CVSS Score:
10.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-0999
MDKSA-2007:058
http://www.mandriva.com/security/advisories?name=MDKSA-2007:058
RHSA-2007:0087
http://www.redhat.com/support/errata/RHSA-2007-0087.html
USN-434-1
http://www.ubuntu.com/usn/usn-434-1
oval:org.mitre.oval:def:10944
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10944
Common Vulnerability Exposure (CVE) ID: CVE-2007-1006
1017673
http://www.securitytracker.com/id?1017673
22613
http://www.securityfocus.com/bid/22613
24194
http://secunia.com/advisories/24194
24228
http://secunia.com/advisories/24228
24229
http://secunia.com/advisories/24229
24271
http://secunia.com/advisories/24271
24379
http://secunia.com/advisories/24379
24680
http://secunia.com/advisories/24680
25119
http://secunia.com/advisories/25119
31939
http://www.osvdb.org/31939
ADV-2007-0655
http://www.vupen.com/english/advisories/2007/0655
DSA-1262
http://www.debian.org/security/2007/dsa-1262
FEDORA-2007-262
http://fedoranews.org/cms/node/2682
FEDORA-2007-263
http://fedoranews.org/cms/node/2683
GLSA-200703-25
http://security.gentoo.org/glsa/glsa-200703-25.xml
MDKSA-2007:044
http://www.mandriva.com/security/advisories?name=MDKSA-2007:044
SUSE-SR:2007:009
http://www.novell.com/linux/security/advisories/2007_9_sr.html
USN-426-1
http://www.ubuntu.com/usn/usn-426-1
[Ekiga-list] 20070213 Ekiga 2.0.5 available
http://mail.gnome.org/archives/ekiga-list/2007-February/msg00060.html
http://labs.musecurity.com/advisories/MU-200702-01.txt
http://www.ekiga.org/index.php?rub=10&archive=1
oval:org.mitre.oval:def:11642
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11642

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58875
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0087
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0087. Ekiga is a tool to communicate with video and audio over the Internet. Format string flaws were found in the way Ekiga processes certain messages. If a user is running Ekiga, a remote attacker who can connect to Ekiga could trigger this flaw and potentially execute arbitrary code with the privileges of the user. (CVE-2007-0999, CVE-2007-1006) Users of Ekiga should upgrade to these updated packages which contain a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0087.html http://www.redhat.com/security/updates/classification/#critical Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0999 MDKSA-2007:058 http://www.mandriva.com/security/advisories?name=MDKSA-2007:058 RHSA-2007:0087 http://www.redhat.com/support/errata/RHSA-2007-0087.html USN-434-1 http://www.ubuntu.com/usn/usn-434-1 oval:org.mitre.oval:def:10944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10944 Common Vulnerability Exposure (CVE) ID: CVE-2007-1006 1017673 http://www.securitytracker.com/id?1017673 22613 http://www.securityfocus.com/bid/22613 24194 http://secunia.com/advisories/24194 24228 http://secunia.com/advisories/24228 24229 http://secunia.com/advisories/24229 24271 http://secunia.com/advisories/24271 24379 http://secunia.com/advisories/24379 24680 http://secunia.com/advisories/24680 25119 http://secunia.com/advisories/25119 31939 http://www.osvdb.org/31939 ADV-2007-0655 http://www.vupen.com/english/advisories/2007/0655 DSA-1262 http://www.debian.org/security/2007/dsa-1262 FEDORA-2007-262 http://fedoranews.org/cms/node/2682 FEDORA-2007-263 http://fedoranews.org/cms/node/2683 GLSA-200703-25 http://security.gentoo.org/glsa/glsa-200703-25.xml MDKSA-2007:044 http://www.mandriva.com/security/advisories?name=MDKSA-2007:044 SUSE-SR:2007:009 http://www.novell.com/linux/security/advisories/2007_9_sr.html USN-426-1 http://www.ubuntu.com/usn/usn-426-1 [Ekiga-list] 20070213 Ekiga 2.0.5 available http://mail.gnome.org/archives/ekiga-list/2007-February/msg00060.html http://labs.musecurity.com/advisories/MU-200702-01.txt http://www.ekiga.org/index.php?rub=10&archive=1 oval:org.mitre.oval:def:11642 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11642
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com