Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200712-18 (mt-daapd)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60080

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200712-18 (mt-daapd)

Resumen: The remote host is missing updates announced in;advisory GLSA 200712-18.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200712-18.

Vulnerability Insight:
Multiple vulnerabilities in the web server in the Multi-Threaded DAAP
Daemon may lead to the remote execution of arbitrary code.

Solution:
All Multi-Threaded DAAP Daemon users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-sound/mt-daapd-0.2.4.1'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-5824
BugTraq ID: 26309
http://www.securityfocus.com/bid/26309
Bugtraq: 20071102 Re: [UPH-07-01] Firefly Media Server DoS (Google Search)
http://www.securityfocus.com/archive/1/483215/100/0/threaded
Bugtraq: 20071102 [UPH-07-01] Firefly Media Server DoS (Google Search)
http://www.securityfocus.com/archive/1/483210/100/0/threaded
Bugtraq: 20071102 [UPH-07-02] Firefly Media Server DoS (Google Search)
http://www.securityfocus.com/archive/1/483211/100/0/threaded
Debian Security Information: DSA-1597 (Google Search)
http://www.debian.org/security/2008/dsa-1597
https://www.exploit-db.com/exploits/4600
http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml
http://bugs.gentoo.org/show_bug.cgi?id=200110
http://secunia.com/advisories/28269
http://secunia.com/advisories/30661
XForce ISS Database: firefly-decodepassword-dos(38242)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38242
XForce ISS Database: firefly-getheaders-dos(38241)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38241
Common Vulnerability Exposure (CVE) ID: CVE-2007-5825
BugTraq ID: 26310
http://www.securityfocus.com/bid/26310
Bugtraq: 20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability (Google Search)
http://www.securityfocus.com/archive/1/483214/100/0/threaded
Bugtraq: 20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability (Google Search)
http://www.securityfocus.com/archive/1/483209/100/0/threaded
XForce ISS Database: firefly-addarg-format-string(38243)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38243

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60080
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200712-18 (mt-daapd)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200712-18.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200712-18. Vulnerability Insight: Multiple vulnerabilities in the web server in the Multi-Threaded DAAP Daemon may lead to the remote execution of arbitrary code. Solution: All Multi-Threaded DAAP Daemon users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-sound/mt-daapd-0.2.4.1' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5824 BugTraq ID: 26309 http://www.securityfocus.com/bid/26309 Bugtraq: 20071102 Re: [UPH-07-01] Firefly Media Server DoS (Google Search) http://www.securityfocus.com/archive/1/483215/100/0/threaded Bugtraq: 20071102 [UPH-07-01] Firefly Media Server DoS (Google Search) http://www.securityfocus.com/archive/1/483210/100/0/threaded Bugtraq: 20071102 [UPH-07-02] Firefly Media Server DoS (Google Search) http://www.securityfocus.com/archive/1/483211/100/0/threaded Debian Security Information: DSA-1597 (Google Search) http://www.debian.org/security/2008/dsa-1597 https://www.exploit-db.com/exploits/4600 http://www.gentoo.org/security/en/glsa/glsa-200712-18.xml http://bugs.gentoo.org/show_bug.cgi?id=200110 http://secunia.com/advisories/28269 http://secunia.com/advisories/30661 XForce ISS Database: firefly-decodepassword-dos(38242) https://exchange.xforce.ibmcloud.com/vulnerabilities/38242 XForce ISS Database: firefly-getheaders-dos(38241) https://exchange.xforce.ibmcloud.com/vulnerabilities/38241 Common Vulnerability Exposure (CVE) ID: CVE-2007-5825 BugTraq ID: 26310 http://www.securityfocus.com/bid/26310 Bugtraq: 20071102 Re: [UPH-07-03] Firefly Media Server remote format string vulnerability (Google Search) http://www.securityfocus.com/archive/1/483214/100/0/threaded Bugtraq: 20071102 [UPH-07-03] Firefly Media Server remote format string vulnerability (Google Search) http://www.securityfocus.com/archive/1/483209/100/0/threaded XForce ISS Database: firefly-addarg-format-string(38243) https://exchange.xforce.ibmcloud.com/vulnerabilities/38243
Copyright	Copyright (C) 2008 E-Soft Inc.