ID de Prueba:	1.3.6.1.4.1.25623.1.0.59016
Categoría:	Slackware Local Security Checks
Título:	Slackware Advisory SSA:2007-264-01 kdebase, kdelibs
Resumen:	The remote host is missing an update as announced;via advisory SSA:2007-264-01.
Descripción:	Summary: The remote host is missing an update as announced via advisory SSA:2007-264-01. Vulnerability Insight: New kdebase packages are available for Slackware 12.0 to fix security issues. A long URL padded with spaces could be used to display a false URL in Konqueror's addressbar, and KDM when used with no-password login could be tricked into logging a different user in without a password. This is not the way KDM is configured in Slackware by default, somewhat mitigating the impact of this issue. Solution: Upgrade to the new package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3820 BugTraq ID: 24912 http://www.securityfocus.com/bid/24912 BugTraq ID: 24918 http://www.securityfocus.com/bid/24918 Bugtraq: 20070713 Opera/Konqueror: data: URL scheme address bar spoofing (Google Search) http://www.securityfocus.com/archive/1/473703/100/0/threaded Bugtraq: 20070714 Re: Opera/Konqueror: data: URL scheme address bar spoofing (Google Search) http://www.securityfocus.com/archive/1/473712/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00085.html http://www.mandriva.com/security/advisories?name=MDKSA-2007:176 http://alt.swiecki.net/oper1.html http://osvdb.org/37242 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10345 http://www.redhat.com/support/errata/RHSA-2007-0905.html http://www.redhat.com/support/errata/RHSA-2007-0909.html http://www.securitytracker.com/id?1018396 http://secunia.com/advisories/26091 http://secunia.com/advisories/26612 http://secunia.com/advisories/26720 http://secunia.com/advisories/27089 http://secunia.com/advisories/27090 http://secunia.com/advisories/27096 http://secunia.com/advisories/27106 http://secunia.com/advisories/27108 http://securityreason.com/securityalert/2905 http://www.ubuntu.com/usn/usn-502-1 http://www.vupen.com/english/advisories/2007/2538 XForce ISS Database: opera-konqueror-addressbar-spoofing(35430) https://exchange.xforce.ibmcloud.com/vulnerabilities/35430 Common Vulnerability Exposure (CVE) ID: CVE-2007-4224 BugTraq ID: 25219 http://www.securityfocus.com/bid/25219 Bugtraq: 20070806 Konqueror: URL address bar spoofing vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/475689/100/0/threaded Bugtraq: 20070806 Re: Konqueror: URL address bar spoofing vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/475731/100/0/threaded Bugtraq: 20070806 Re: Konqueror: URL address bar spoofingvulnerabilities (Google Search) http://www.securityfocus.com/archive/1/475730/100/0/threaded Bugtraq: 20070807 Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/475763/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065101.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9879 http://securitytracker.com/id?1018579 http://secunia.com/advisories/26351 http://secunia.com/advisories/26690 http://secunia.com/advisories/27271 http://securityreason.com/securityalert/2982 SuSE Security Announcement: SUSE-SR:2007:021 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html http://www.vupen.com/english/advisories/2007/2807 XForce ISS Database: konqueror-setinterval-spoofing(35828) https://exchange.xforce.ibmcloud.com/vulnerabilities/35828 Common Vulnerability Exposure (CVE) ID: CVE-2007-4225 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html XForce ISS Database: konqueror-data-spoofing(35829) https://exchange.xforce.ibmcloud.com/vulnerabilities/35829 Common Vulnerability Exposure (CVE) ID: CVE-2007-4569 BugTraq ID: 25730 http://www.securityfocus.com/bid/25730 Debian Security Information: DSA-1376 (Google Search) http://www.debian.org/security/2007/dsa-1376 http://security.gentoo.org/glsa/glsa-200710-15.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:190 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359 http://securitytracker.com/id?1018724 http://secunia.com/advisories/26894 http://secunia.com/advisories/26904 http://secunia.com/advisories/26915 http://secunia.com/advisories/26929 http://secunia.com/advisories/26977 http://secunia.com/advisories/27180 http://www.ubuntu.com/usn/usn-517-1 http://www.vupen.com/english/advisories/2007/3227 XForce ISS Database: kde-kdm-login-security-bypass(36711) https://exchange.xforce.ibmcloud.com/vulnerabilities/36711
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.