Test ID: 1.3.6.1.4.1.25623.1.0.58956
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2007:0905
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory RHSA-2007:0905.

The kdebase packages provide the core applications for KDE, the K Desktop
Environment. These core packages include Konqueror, the web browser and
file manager.

These updated packages address the following vulnerabilities:

Kees Huijgen found a flaw in the way KDM handled logins when autologin and
shutdown with password were enabled. A local user would have been able
to log in via KDM as any user without requiring a password. (CVE-2007-4569)

Two Konqueror address spoofing flaws were discovered. A malicious web site
could spoof the Konqueror address bar, tricking a victim into believing the
page was from a different site. (CVE-2007-3820, CVE-2007-4224)

Users of KDE should upgrade to these updated packages, which contain
backported patches to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0905.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor: High

CVSS Score: 6.8

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2007-4569
1018724
http://securitytracker.com/id?1018724
25730
http://www.securityfocus.com/bid/25730
26894
http://secunia.com/advisories/26894
26904
http://secunia.com/advisories/26904
26915
http://secunia.com/advisories/26915
26929
http://secunia.com/advisories/26929
26977
http://secunia.com/advisories/26977
27089
http://secunia.com/advisories/27089
27096
http://secunia.com/advisories/27096
27106
http://secunia.com/advisories/27106
27180
http://secunia.com/advisories/27180
27271
http://secunia.com/advisories/27271
ADV-2007-3227
http://www.vupen.com/english/advisories/2007/3227
DSA-1376
http://www.debian.org/security/2007/dsa-1376
FEDORA-2007-2361
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html
FEDORA-2007-716
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html
GLSA-200710-15
http://security.gentoo.org/glsa/glsa-200710-15.xml
MDKSA-2007:190
http://www.mandriva.com/security/advisories?name=MDKSA-2007:190
RHSA-2007:0905
http://www.redhat.com/support/errata/RHSA-2007-0905.html
SUSE-SR:2007:021
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
USN-517-1
http://www.ubuntu.com/usn/usn-517-1
http://www.kde.org/info/security/advisory-20070919-1.txt
https://issues.rpath.com/browse/RPL-1725
kde-kdm-login-security-bypass(36711)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36711
oval:org.mitre.oval:def:10359
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359
Common Vulnerability Exposure (CVE) ID: CVE-2007-3820
BugTraq ID: 24912
http://www.securityfocus.com/bid/24912
BugTraq ID: 24918
http://www.securityfocus.com/bid/24918
Bugtraq: 20070713 Opera/Konqueror: data: URL scheme address bar spoofing (Google Search)
http://www.securityfocus.com/archive/1/473703/100/0/threaded
Bugtraq: 20070714 Re: Opera/Konqueror: data: URL scheme address bar spoofing (Google Search)
http://www.securityfocus.com/archive/1/473712/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00085.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:176
http://alt.swiecki.net/oper1.html
http://osvdb.org/37242
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10345
http://www.redhat.com/support/errata/RHSA-2007-0909.html
http://www.securitytracker.com/id?1018396
http://secunia.com/advisories/26091
http://secunia.com/advisories/26612
http://secunia.com/advisories/26720
http://secunia.com/advisories/27090
http://secunia.com/advisories/27108
http://securityreason.com/securityalert/2905
http://www.ubuntu.com/usn/usn-502-1
http://www.vupen.com/english/advisories/2007/2538
XForce ISS Database: opera-konqueror-addressbar-spoofing(35430)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35430
Common Vulnerability Exposure (CVE) ID: CVE-2007-4224
BugTraq ID: 25219
http://www.securityfocus.com/bid/25219
Bugtraq: 20070806 Konqueror: URL address bar spoofing vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/475689/100/0/threaded
Bugtraq: 20070806 Re: Konqueror: URL address bar spoofing vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/475731/100/0/threaded
Bugtraq: 20070806 Re: Konqueror: URL address bar spoofingvulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/475730/100/0/threaded
Bugtraq: 20070807 Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/475763/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065101.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9879
http://securitytracker.com/id?1018579
http://secunia.com/advisories/26351
http://secunia.com/advisories/26690
http://securityreason.com/securityalert/2982
SuSE Security Announcement: SUSE-SR:2007:021 (Google Search)
http://www.vupen.com/english/advisories/2007/2807
XForce ISS Database: konqueror-setinterval-spoofing(35828)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35828
Copyright: Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com





© 1998-2025 E-Soft Inc. All rights reserved.