ID de Prueba:	1.3.6.1.4.1.25623.1.0.60959
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2008:0295
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2008:0295. The vsftpd package includes a Very Secure File Transfer Protocol (FTP) daemon. A memory leak was discovered in the vsftpd daemon. An attacker who is able to connect to an FTP service, either as an authenticated or anonymous user, could cause vsftpd to allocate all available memory if the deny_file option was enabled in vsftpd.conf. (CVE-2007-5962) All vsftpd users are advised to upgrade to this updated package, which resolves these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0295.html http://www.redhat.com/security/updates/classification/#low Risk factor : High CVSS Score: 7.1
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5962 1020079 http://securitytracker.com/id?1020079 20080606 rPSA-2008-0185-1 vsftpd http://www.securityfocus.com/archive/1/493167/100/0/threaded 29322 http://www.securityfocus.com/bid/29322 30341 http://secunia.com/advisories/30341 30354 http://secunia.com/advisories/30354 5814 https://www.exploit-db.com/exploits/5814 ADV-2008-1600 http://www.vupen.com/english/advisories/2008/1600 FEDORA-2008-4347 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00681.html FEDORA-2008-4362 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00691.html FEDORA-2008-4373 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00699.html RHSA-2008:0295 http://www.redhat.com/support/errata/RHSA-2008-0295.html [oss-security] 20080521 Re: vsftpd CVE-2007-5962 (Red Hat / Fedora specific) http://www.openwall.com/lists/oss-security/2008/05/21/10 http://www.openwall.com/lists/oss-security/2008/05/21/12 [oss-security] 20080521 vsftpd CVE-2007-5962 (Red Hat / Fedora specific) http://www.openwall.com/lists/oss-security/2008/05/21/8 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0185 https://bugzilla.redhat.com/show_bug.cgi?id=397011 oval:org.mitre.oval:def:8850 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8850 vsftpd-denyfile-dos(42593) https://exchange.xforce.ibmcloud.com/vulnerabilities/42593
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.