ID de Prueba:	1.3.6.1.4.1.25623.1.0.60523
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2008-061-01)
Resumen:	The remote host is missing an update for the 'mozilla-thunderbird' package(s) announced via the SSA:2008-061-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'mozilla-thunderbird' package(s) announced via the SSA:2008-061-01 advisory. Vulnerability Insight: New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix security issues. Here are the details from the Slackware 12.0 ChangeLog: +--------------------------+ patches/packages/mozilla-thunderbird-2.0.0.12-i686-1.tgz: Upgraded to thunderbird-2.0.0.12. This update fixes the following security related issues: MFSA 2008-12: Heap buffer overflow in external MIME bodies MFSA 2008-05: Directory traversal via chrome: URI MFSA 2008-03: Privilege escalation, XSS, Remote Code Execution MFSA 2008-01: Crashes with evidence of memory corruption (rv:1.8.1.12) For more information, see: [links moved to references] These are the related CVE entries: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'mozilla-thunderbird' package(s) on Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0304 BugTraq ID: 28012 http://www.securityfocus.com/bid/28012 CERT/CC vulnerability note: VU#661651 http://www.kb.cert.org/vuls/id/661651 Debian Security Information: DSA-1621 (Google Search) http://www.debian.org/security/2008/dsa-1621 Debian Security Information: DSA-1697 (Google Search) http://www.debian.org/security/2009/dsa-1697 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.html http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=668 http://www.mandriva.com/security/advisories?name=MDVSA-2008:062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11075 http://securitytracker.com/id?1019504 http://secunia.com/advisories/29098 http://secunia.com/advisories/29133 http://secunia.com/advisories/29167 http://secunia.com/advisories/29211 http://secunia.com/advisories/30327 http://secunia.com/advisories/31043 http://secunia.com/advisories/31253 http://secunia.com/advisories/33433 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.445399 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1 http://www.ubuntu.com/usn/usn-582-1 http://www.ubuntu.com/usn/usn-582-2 http://www.vupen.com/english/advisories/2008/2091/references Common Vulnerability Exposure (CVE) ID: CVE-2008-0412 BugTraq ID: 27683 http://www.securityfocus.com/bid/27683 Bugtraq: 20080209 rPSA-2008-0051-1 firefox (Google Search) http://www.securityfocus.com/archive/1/487826/100/0/threaded Bugtraq: 20080212 FLEA-2008-0001-1 firefox (Google Search) http://www.securityfocus.com/archive/1/488002/100/0/threaded Bugtraq: 20080229 rPSA-2008-0093-1 thunderbird (Google Search) http://www.securityfocus.com/archive/1/488971/100/0/threaded Debian Security Information: DSA-1484 (Google Search) http://www.debian.org/security/2008/dsa-1484 Debian Security Information: DSA-1485 (Google Search) http://www.debian.org/security/2008/dsa-1485 Debian Security Information: DSA-1489 (Google Search) http://www.debian.org/security/2008/dsa-1489 Debian Security Information: DSA-1506 (Google Search) http://www.debian.org/security/2008/dsa-1506 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:048 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10573 http://www.redhat.com/support/errata/RHSA-2008-0103.html http://www.redhat.com/support/errata/RHSA-2008-0104.html http://www.redhat.com/support/errata/RHSA-2008-0105.html http://www.securitytracker.com/id?1019320 http://secunia.com/advisories/28754 http://secunia.com/advisories/28758 http://secunia.com/advisories/28766 http://secunia.com/advisories/28808 http://secunia.com/advisories/28815 http://secunia.com/advisories/28818 http://secunia.com/advisories/28839 http://secunia.com/advisories/28864 http://secunia.com/advisories/28865 http://secunia.com/advisories/28877 http://secunia.com/advisories/28879 http://secunia.com/advisories/28924 http://secunia.com/advisories/28939 http://secunia.com/advisories/28958 http://secunia.com/advisories/29049 http://secunia.com/advisories/29086 http://secunia.com/advisories/29164 http://secunia.com/advisories/29567 http://secunia.com/advisories/30620 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1 SuSE Security Announcement: SUSE-SA:2008:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html http://www.ubuntu.com/usn/usn-576-1 http://www.vupen.com/english/advisories/2008/0453/references http://www.vupen.com/english/advisories/2008/0454/references http://www.vupen.com/english/advisories/2008/0627/references http://www.vupen.com/english/advisories/2008/1793/references Common Vulnerability Exposure (CVE) ID: CVE-2008-0413 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10385 http://www.securitytracker.com/id?1019321 Common Vulnerability Exposure (CVE) ID: CVE-2008-0415 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9897 http://www.securitytracker.com/id?1019327 Common Vulnerability Exposure (CVE) ID: CVE-2008-0418 BugTraq ID: 27406 http://www.securityfocus.com/bid/27406 CERT/CC vulnerability note: VU#309608 http://www.kb.cert.org/vuls/id/309608 http://www.hiredhacker.com/2008/01/19/firefox-chrome-url-handling-directory-traversal/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10705 http://www.securitytracker.com/id?1019329 http://secunia.com/advisories/28622/ http://www.vupen.com/english/advisories/2008/0263
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.