Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200802-02 (doomsday)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60379

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200802-02 (doomsday)

Resumen: The remote host is missing updates announced in;advisory GLSA 200802-02.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200802-02.

Vulnerability Insight:
Multiple vulnerabilities in Doomsday might allow remote execution of
arbitrary code or a Denial of Service.

Solution:
While some of these issues could be resolved in
'games-fps/doomsday-1.9.0-beta5.2', the format string vulnerability
(CVE-2007-4644) remains unfixed. We recommend that users unmerge Doomsday:

# emerge --unmerge games-fps/doomsday

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-4642
BugTraq ID: 25483
http://www.securityfocus.com/bid/25483
Bugtraq: 20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1 (Google Search)
http://www.securityfocus.com/archive/1/478077/100/0/threaded
http://security.gentoo.org/glsa/glsa-200802-02.xml
http://aluigi.altervista.org/adv/dumsdei-adv.txt
http://aluigi.org/poc/dumsdei.zip
http://secunia.com/advisories/26524
http://secunia.com/advisories/28821
http://securityreason.com/securityalert/3084
XForce ISS Database: doomsday-dnetplayerevent-bo(36332)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36332
XForce ISS Database: doomsday-msgwrite-bo(36333)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36333
XForce ISS Database: doomsday-netsvreadcommands-bo(36334)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36334
Common Vulnerability Exposure (CVE) ID: CVE-2007-4643
XForce ISS Database: doomsday-svhandlepacket-underflow(36338)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36338
Common Vulnerability Exposure (CVE) ID: CVE-2007-4644
XForce ISS Database: doomsday-clgetpackets-format-string(36337)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36337

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60379
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200802-02 (doomsday)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200802-02.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200802-02. Vulnerability Insight: Multiple vulnerabilities in Doomsday might allow remote execution of arbitrary code or a Denial of Service. Solution: While some of these issues could be resolved in 'games-fps/doomsday-1.9.0-beta5.2', the format string vulnerability (CVE-2007-4644) remains unfixed. We recommend that users unmerge Doomsday: # emerge --unmerge games-fps/doomsday CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4642 BugTraq ID: 25483 http://www.securityfocus.com/bid/25483 Bugtraq: 20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1 (Google Search) http://www.securityfocus.com/archive/1/478077/100/0/threaded http://security.gentoo.org/glsa/glsa-200802-02.xml http://aluigi.altervista.org/adv/dumsdei-adv.txt http://aluigi.org/poc/dumsdei.zip http://secunia.com/advisories/26524 http://secunia.com/advisories/28821 http://securityreason.com/securityalert/3084 XForce ISS Database: doomsday-dnetplayerevent-bo(36332) https://exchange.xforce.ibmcloud.com/vulnerabilities/36332 XForce ISS Database: doomsday-msgwrite-bo(36333) https://exchange.xforce.ibmcloud.com/vulnerabilities/36333 XForce ISS Database: doomsday-netsvreadcommands-bo(36334) https://exchange.xforce.ibmcloud.com/vulnerabilities/36334 Common Vulnerability Exposure (CVE) ID: CVE-2007-4643 XForce ISS Database: doomsday-svhandlepacket-underflow(36338) https://exchange.xforce.ibmcloud.com/vulnerabilities/36338 Common Vulnerability Exposure (CVE) ID: CVE-2007-4644 XForce ISS Database: doomsday-clgetpackets-format-string(36337) https://exchange.xforce.ibmcloud.com/vulnerabilities/36337
Copyright	Copyright (C) 2008 E-Soft Inc.