ID de Prueba:	1.3.6.1.4.1.25623.1.0.61403
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2008:0836
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2008:0836. The libxml2 packages provide a library that allows you to manipulate XML files. It includes support to read, modify, and write XML and HTML files. A denial of service flaw was found in the way libxml2 processes certain content. If an application linked against libxml2 processes malformed XML content, it could cause the application to stop responding. (CVE-2008-3281) Red Hat would like to thank Andreas Solberg for responsibly disclosing this issue. All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0836.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3281 1020728 http://www.securitytracker.com/id?1020728 20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff http://www.securityfocus.com/archive/1/497962/100/0/threaded 30783 http://www.securityfocus.com/bid/30783 31558 http://secunia.com/advisories/31558 31566 http://secunia.com/advisories/31566 31590 http://secunia.com/advisories/31590 31728 http://secunia.com/advisories/31728 31748 http://secunia.com/advisories/31748 31855 http://secunia.com/advisories/31855 31982 http://secunia.com/advisories/31982 32488 http://secunia.com/advisories/32488 32807 http://secunia.com/advisories/32807 32974 http://secunia.com/advisories/32974 35379 http://secunia.com/advisories/35379 ADV-2008-2419 http://www.vupen.com/english/advisories/2008/2419 ADV-2008-2843 http://www.vupen.com/english/advisories/2008/2843 ADV-2008-2971 http://www.vupen.com/english/advisories/2008/2971 ADV-2009-1522 http://www.vupen.com/english/advisories/2009/1522 ADV-2009-1621 http://www.vupen.com/english/advisories/2009/1621 APPLE-SA-2009-06-08-1 http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html APPLE-SA-2009-06-17-1 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html DSA-1631 http://www.debian.org/security/2008/dsa-1631 FEDORA-2008-7395 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00347.html FEDORA-2008-7594 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00261.html GLSA-200812-06 http://security.gentoo.org/glsa/glsa-200812-06.xml MDVSA-2008:180 http://www.mandriva.com/security/advisories?name=MDVSA-2008:180 MDVSA-2008:192 http://www.mandriva.com/security/advisories?name=MDVSA-2008:192 RHSA-2008:0836 https://rhn.redhat.com/errata/RHSA-2008-0836.html SUSE-SR:2008:018 http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html USN-640-1 http://www.ubuntu.com/usn/usn-640-1 USN-644-1 https://usn.ubuntu.com/644-1/ [Security-announce] 20081030 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff http://lists.vmware.com/pipermail/security-announce/2008/000039.html [xml] 20080820 Security fix for libxml2 http://mail.gnome.org/archives/xml/2008-August/msg00034.html http://support.apple.com/kb/HT3613 http://support.apple.com/kb/HT3639 http://svn.gnome.org/viewvc/libxml2?view=revision&revision=3772 http://wiki.rpath.com/Advisories:rPSA-2008-0325 http://www.vmware.com/security/advisories/VMSA-2008-0017.html http://xmlsoft.org/news.html https://bugzilla.redhat.com/show_bug.cgi?id=458086 oval:org.mitre.oval:def:6496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6496 oval:org.mitre.oval:def:9812 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9812
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.