ID de Prueba:	1.3.6.1.4.1.25623.1.0.60969
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:103 (libid3tag)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to libid3tag announced via advisory MDVSA-2008:103. field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which triggers an infinite loop. The updated packages have been patched to correct this. Affected: 2008.0, 2008.1, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:103 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2109 29210 http://www.securityfocus.com/bid/29210 30173 http://secunia.com/advisories/30173 30182 http://secunia.com/advisories/30182 FEDORA-2008-3757 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00159.html GLSA-200805-15 http://security.gentoo.org/glsa/glsa-200805-15.xml MDVSA-2008:103 http://www.mandriva.com/security/advisories?name=MDVSA-2008:103 [mad-dev] 20080112 Initite loop bug in libid3tag-0.15.0b http://www.mars.org/mailman/public/mad-dev/2008-January/001366.html http://bugs.gentoo.org/show_bug.cgi?id=210564 libid3tag-field-dos(42271) https://exchange.xforce.ibmcloud.com/vulnerabilities/42271
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.