Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200803-13 (vlc)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60516

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200803-13 (vlc)

Resumen: The remote host is missing updates announced in;advisory GLSA 200803-13.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200803-13.

Vulnerability Insight:
Multiple vulnerabilities were found in VLC, allowing for the execution of
arbitrary code and Denial of Service.

Solution:
All VLC users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-video/vlc-0.8.6e'

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-6681
BugTraq ID: 27015
http://www.securityfocus.com/bid/27015
Bugtraq: 20071224 Buffer-overflow and format string in VideoLAN VLC 0.8.6d (Google Search)
http://www.securityfocus.com/archive/1/485488/30/0/threaded
Debian Security Information: DSA-1543 (Google Search)
http://www.debian.org/security/2008/dsa-1543
https://www.exploit-db.com/exploits/5667
http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml
http://security.gentoo.org/glsa/glsa-200804-25.xml
http://aluigi.altervista.org/adv/vlcboffs-adv.txt
http://mailman.videolan.org/pipermail/vlc-devel/2007-June/032672.html
http://mailman.videolan.org/pipermail/vlc-devel/2007-June/033394.html
http://osvdb.org/42207
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14334
http://secunia.com/advisories/28233
http://secunia.com/advisories/29284
http://secunia.com/advisories/29766
http://secunia.com/advisories/29800
http://securityreason.com/securityalert/3550
Common Vulnerability Exposure (CVE) ID: CVE-2007-6682
https://www.exploit-db.com/exploits/5519
http://osvdb.org/42208
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14790
Common Vulnerability Exposure (CVE) ID: CVE-2007-6683
BugTraq ID: 28712
http://www.securityfocus.com/bid/28712
http://mailman.videolan.org/pipermail/vlc-devel/2007-December/037726.html
http://osvdb.org/42205
http://osvdb.org/42206
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14619
Common Vulnerability Exposure (CVE) ID: CVE-2007-6684
http://mailman.videolan.org/pipermail/vlc-devel/2007-September/034722.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14876
Common Vulnerability Exposure (CVE) ID: CVE-2008-0295
BugTraq ID: 27221
http://www.securityfocus.com/bid/27221
http://aluigi.altervista.org/adv/vlcxhof-adv.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14776
http://secunia.com/advisories/28383
http://www.vupen.com/english/advisories/2008/0105
Common Vulnerability Exposure (CVE) ID: CVE-2008-0296
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14597
Common Vulnerability Exposure (CVE) ID: CVE-2008-0984
BugTraq ID: 28007
http://www.securityfocus.com/bid/28007
Bugtraq: 20080227 CORE-2008-0130: VLC media player chunk context validation error (Google Search)
http://www.securityfocus.com/archive/1/488841/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html
http://www.coresecurity.com/?action=item&id=2147
http://www.securitytracker.com/id?1019510
http://secunia.com/advisories/29122
http://secunia.com/advisories/29153
http://www.vupen.com/english/advisories/2008/0682

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60516
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200803-13 (vlc)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200803-13.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200803-13. Vulnerability Insight: Multiple vulnerabilities were found in VLC, allowing for the execution of arbitrary code and Denial of Service. Solution: All VLC users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-video/vlc-0.8.6e' CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-6681 BugTraq ID: 27015 http://www.securityfocus.com/bid/27015 Bugtraq: 20071224 Buffer-overflow and format string in VideoLAN VLC 0.8.6d (Google Search) http://www.securityfocus.com/archive/1/485488/30/0/threaded Debian Security Information: DSA-1543 (Google Search) http://www.debian.org/security/2008/dsa-1543 https://www.exploit-db.com/exploits/5667 http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml http://security.gentoo.org/glsa/glsa-200804-25.xml http://aluigi.altervista.org/adv/vlcboffs-adv.txt http://mailman.videolan.org/pipermail/vlc-devel/2007-June/032672.html http://mailman.videolan.org/pipermail/vlc-devel/2007-June/033394.html http://osvdb.org/42207 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14334 http://secunia.com/advisories/28233 http://secunia.com/advisories/29284 http://secunia.com/advisories/29766 http://secunia.com/advisories/29800 http://securityreason.com/securityalert/3550 Common Vulnerability Exposure (CVE) ID: CVE-2007-6682 https://www.exploit-db.com/exploits/5519 http://osvdb.org/42208 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14790 Common Vulnerability Exposure (CVE) ID: CVE-2007-6683 BugTraq ID: 28712 http://www.securityfocus.com/bid/28712 http://mailman.videolan.org/pipermail/vlc-devel/2007-December/037726.html http://osvdb.org/42205 http://osvdb.org/42206 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14619 Common Vulnerability Exposure (CVE) ID: CVE-2007-6684 http://mailman.videolan.org/pipermail/vlc-devel/2007-September/034722.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14876 Common Vulnerability Exposure (CVE) ID: CVE-2008-0295 BugTraq ID: 27221 http://www.securityfocus.com/bid/27221 http://aluigi.altervista.org/adv/vlcxhof-adv.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14776 http://secunia.com/advisories/28383 http://www.vupen.com/english/advisories/2008/0105 Common Vulnerability Exposure (CVE) ID: CVE-2008-0296 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14597 Common Vulnerability Exposure (CVE) ID: CVE-2008-0984 BugTraq ID: 28007 http://www.securityfocus.com/bid/28007 Bugtraq: 20080227 CORE-2008-0130: VLC media player chunk context validation error (Google Search) http://www.securityfocus.com/archive/1/488841/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html http://www.coresecurity.com/?action=item&id=2147 http://www.securitytracker.com/id?1019510 http://secunia.com/advisories/29122 http://secunia.com/advisories/29153 http://www.vupen.com/english/advisories/2008/0682
Copyright	Copyright (C) 2008 E-Soft Inc.