Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2008:049 (nss

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60404
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:049 (nss_ldap)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to nss_ldap announced via advisory MDVSA-2008:049. A race condition in nss_ldap, when used in applications that use pthread and fork after a call to nss_ldap, does not properly handle the LDAP connection, which might cause nss_ldap to return the wrong user data to the wrong process, giving one user access to data belonging to another user, in some cases. The updated package hais been patched to prevent this issue. Affected: 2007.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:049 Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5794 1020088 http://www.securitytracker.com/id?1020088 20080212 FLEA-2008-0003-1 nss_ldap http://www.securityfocus.com/archive/1/487985/100/0/threaded 26452 http://www.securityfocus.com/bid/26452 27670 http://secunia.com/advisories/27670 27768 http://secunia.com/advisories/27768 27839 http://secunia.com/advisories/27839 28061 http://secunia.com/advisories/28061 28838 http://secunia.com/advisories/28838 29083 http://secunia.com/advisories/29083 30352 http://secunia.com/advisories/30352 31227 http://secunia.com/advisories/31227 31524 http://secunia.com/advisories/31524 DSA-1430 http://www.debian.org/security/2007/dsa-1430 GLSA-200711-33 http://security.gentoo.org/glsa/glsa-200711-33.xml MDVSA-2008:049 http://www.mandriva.com/security/advisories?name=MDVSA-2008:049 RHSA-2008:0389 http://www.redhat.com/support/errata/RHSA-2008-0389.html RHSA-2008:0715 http://www.redhat.com/support/errata/RHSA-2008-0715.html SUSE-SR:2008:003 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html [Dovecot] 20050303 hanging imap... and users getting other users' emails! http://www.dovecot.org/list/dovecot/2005-March/006345.html [Dovecot] 20050409 Authentication and the wrong mailbox? http://www.dovecot.org/list/dovecot/2005-April/006859.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453868 http://bugs.gentoo.org/show_bug.cgi?id=198390 http://support.avaya.com/elmodocs2/security/ASA-2008-332.htm http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0255 https://bugzilla.redhat.com/show_bug.cgi?id=154314 https://bugzilla.redhat.com/show_bug.cgi?id=367461 https://issues.rpath.com/browse/RPL-1913 nssldap-ldap-race-condition(38505) https://exchange.xforce.ibmcloud.com/vulnerabilities/38505 oval:org.mitre.oval:def:10625 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10625
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com