FreeBSD Local Security Checks : FreeBSD Security Advisory (FreeBSD-SA-08:02.libc.asc)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60187

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Security Advisory (FreeBSD-SA-08:02.libc.asc)

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-08:02.libc.asc

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-08:02.libc.asc

Vulnerability Insight:
The resolver is the part of libc that resolves hostnames (example.com) to
internet protocol (IP) addresses (192.0.2.1) and vice versa.

The inet_network() function returns an in_addr_t representing the network
address of the IP address given to inet_network() as a character string in
the dot-notation.

An off-by-one error in the inet_network() function could lead to memory
corruption with certain inputs.

Solution:
Upgrade your system to the appropriate stable release
or security branch dated after the correction date.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-0122
BugTraq ID: 27283
http://www.securityfocus.com/bid/27283
Bugtraq: 20080124 rPSA-2008-0029-1 bind bind-utils (Google Search)
http://www.securityfocus.com/archive/1/487000/100/0/threaded
CERT/CC vulnerability note: VU#203611
http://www.kb.cert.org/vuls/id/203611
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html
FreeBSD Security Advisory: FreeBSD-SA-08:02
http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190
http://www.redhat.com/support/errata/RHSA-2008-0300.html
http://www.securitytracker.com/id?1019189
http://secunia.com/advisories/28367
http://secunia.com/advisories/28429
http://secunia.com/advisories/28487
http://secunia.com/advisories/28579
http://secunia.com/advisories/29161
http://secunia.com/advisories/29323
http://secunia.com/advisories/30313
http://secunia.com/advisories/30538
http://secunia.com/advisories/30718
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1
SuSE Security Announcement: SUSE-SR:2008:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html
http://www.vupen.com/english/advisories/2008/0193
http://www.vupen.com/english/advisories/2008/0703
http://www.vupen.com/english/advisories/2008/1743/references
XForce ISS Database: freebsd-inetnetwork-bo(39670)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39670

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60187
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Security Advisory (FreeBSD-SA-08:02.libc.asc)
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-08:02.libc.asc
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:02.libc.asc Vulnerability Insight: The resolver is the part of libc that resolves hostnames (example.com) to internet protocol (IP) addresses (192.0.2.1) and vice versa. The inet_network() function returns an in_addr_t representing the network address of the IP address given to inet_network() as a character string in the dot-notation. An off-by-one error in the inet_network() function could lead to memory corruption with certain inputs. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0122 BugTraq ID: 27283 http://www.securityfocus.com/bid/27283 Bugtraq: 20080124 rPSA-2008-0029-1 bind bind-utils (Google Search) http://www.securityfocus.com/archive/1/487000/100/0/threaded CERT/CC vulnerability note: VU#203611 http://www.kb.cert.org/vuls/id/203611 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html FreeBSD Security Advisory: FreeBSD-SA-08:02 http://security.freebsd.org/advisories/FreeBSD-SA-08:02.libc.asc https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10190 http://www.redhat.com/support/errata/RHSA-2008-0300.html http://www.securitytracker.com/id?1019189 http://secunia.com/advisories/28367 http://secunia.com/advisories/28429 http://secunia.com/advisories/28487 http://secunia.com/advisories/28579 http://secunia.com/advisories/29161 http://secunia.com/advisories/29323 http://secunia.com/advisories/30313 http://secunia.com/advisories/30538 http://secunia.com/advisories/30718 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238493-1 SuSE Security Announcement: SUSE-SR:2008:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html http://www.vupen.com/english/advisories/2008/0193 http://www.vupen.com/english/advisories/2008/0703 http://www.vupen.com/english/advisories/2008/1743/references XForce ISS Database: freebsd-inetnetwork-bo(39670) https://exchange.xforce.ibmcloud.com/vulnerabilities/39670
Copyright	Copyright (C) 2008 E-Soft Inc.