Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200803-16 (mplayer)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60519

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200803-16 (mplayer)

Resumen: The remote host is missing updates announced in;advisory GLSA 200803-16.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200803-16.

Vulnerability Insight:
Multiple vulnerabilities have been discovered in MPlayer, possibly allowing
for the remote execution of arbitrary code.

Solution:
All MPlayer users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-video/mplayer-1.0_rc2_p25993'

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-0485
BugTraq ID: 27499
http://www.securityfocus.com/bid/27499
Bugtraq: 20080204 CORE-2008-0122: MPlayer arbitrary pointer dereference (Google Search)
http://www.securityfocus.com/archive/1/487500/100/0/threaded
Debian Security Information: DSA-1496 (Google Search)
http://www.debian.org/security/2008/dsa-1496
http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060032.html
http://security.gentoo.org/glsa/glsa-200803-16.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:045
http://www.coresecurity.com/?action=item&id=2102
http://www.securitytracker.com/id?1019299
http://secunia.com/advisories/28779
http://secunia.com/advisories/28955
http://secunia.com/advisories/28956
http://secunia.com/advisories/29307
http://securityreason.com/securityalert/3607
http://www.vupen.com/english/advisories/2008/0406/references
Common Vulnerability Exposure (CVE) ID: CVE-2008-0486
BugTraq ID: 27441
http://www.securityfocus.com/bid/27441
Bugtraq: 20080204 CORE-2007-1218: MPlayer 1.0rc2 buffer overflow vulnerability (Google Search)
http://www.securityfocus.com/archive/1/487501/100/0/threaded
Debian Security Information: DSA-1536 (Google Search)
http://www.debian.org/security/2008/dsa-1536
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00395.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00442.html
http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060033.html
http://security.gentoo.org/glsa/glsa-200802-12.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:046
http://www.coresecurity.com/?action=item&id=2103
http://secunia.com/advisories/28801
http://secunia.com/advisories/28918
http://secunia.com/advisories/28989
http://secunia.com/advisories/29141
http://secunia.com/advisories/29323
http://secunia.com/advisories/29601
http://secunia.com/advisories/31393
http://securityreason.com/securityalert/3608
SuSE Security Announcement: SUSE-SR:2008:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html
http://www.ubuntu.com/usn/usn-635-1
http://www.vupen.com/english/advisories/2008/0421
Common Vulnerability Exposure (CVE) ID: CVE-2008-0629
BugTraq ID: 27765
http://www.securityfocus.com/bid/27765
Common Vulnerability Exposure (CVE) ID: CVE-2008-0630
BugTraq ID: 27766
http://www.securityfocus.com/bid/27766

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60519
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200803-16 (mplayer)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200803-16.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200803-16. Vulnerability Insight: Multiple vulnerabilities have been discovered in MPlayer, possibly allowing for the remote execution of arbitrary code. Solution: All MPlayer users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-video/mplayer-1.0_rc2_p25993' CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0485 BugTraq ID: 27499 http://www.securityfocus.com/bid/27499 Bugtraq: 20080204 CORE-2008-0122: MPlayer arbitrary pointer dereference (Google Search) http://www.securityfocus.com/archive/1/487500/100/0/threaded Debian Security Information: DSA-1496 (Google Search) http://www.debian.org/security/2008/dsa-1496 http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060032.html http://security.gentoo.org/glsa/glsa-200803-16.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:045 http://www.coresecurity.com/?action=item&id=2102 http://www.securitytracker.com/id?1019299 http://secunia.com/advisories/28779 http://secunia.com/advisories/28955 http://secunia.com/advisories/28956 http://secunia.com/advisories/29307 http://securityreason.com/securityalert/3607 http://www.vupen.com/english/advisories/2008/0406/references Common Vulnerability Exposure (CVE) ID: CVE-2008-0486 BugTraq ID: 27441 http://www.securityfocus.com/bid/27441 Bugtraq: 20080204 CORE-2007-1218: MPlayer 1.0rc2 buffer overflow vulnerability (Google Search) http://www.securityfocus.com/archive/1/487501/100/0/threaded Debian Security Information: DSA-1536 (Google Search) http://www.debian.org/security/2008/dsa-1536 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00395.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00442.html http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060033.html http://security.gentoo.org/glsa/glsa-200802-12.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:046 http://www.coresecurity.com/?action=item&id=2103 http://secunia.com/advisories/28801 http://secunia.com/advisories/28918 http://secunia.com/advisories/28989 http://secunia.com/advisories/29141 http://secunia.com/advisories/29323 http://secunia.com/advisories/29601 http://secunia.com/advisories/31393 http://securityreason.com/securityalert/3608 SuSE Security Announcement: SUSE-SR:2008:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html http://www.ubuntu.com/usn/usn-635-1 http://www.vupen.com/english/advisories/2008/0421 Common Vulnerability Exposure (CVE) ID: CVE-2008-0629 BugTraq ID: 27765 http://www.securityfocus.com/bid/27765 Common Vulnerability Exposure (CVE) ID: CVE-2008-0630 BugTraq ID: 27766 http://www.securityfocus.com/bid/27766
Copyright	Copyright (C) 2008 E-Soft Inc.