Red Hat Local Security Checks : RedHat Security Advisory RHSA-2008:0946

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.61720

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2008:0946

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2008:0946.

ed is a line-oriented text editor, used to create, display, and modify
text files (both interactively and via shell scripts).

A heap-based buffer overflow was discovered in the way ed, the GNU line
editor, processed long file names. An attacker could create a file with a
specially-crafted name that could possibly execute an arbitrary code when
opened in the ed editor. (CVE-2008-3916)

Users of ed should upgrade to this updated package, which contains
a backported patch to resolve this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0946.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-3916
BugTraq ID: 30815
http://www.securityfocus.com/bid/30815
Bugtraq: 20090227 VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console package ed (Google Search)
http://www.securityfocus.com/archive/1/501298/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00847.html
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00873.html
http://security.gentoo.org/glsa/glsa-200809-15.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:200
http://lists.gnu.org/archive/html/bug-ed/2008-08/msg00000.html
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10678
http://www.redhat.com/support/errata/RHSA-2008-0946.html
http://www.securitytracker.com/id?1020734
http://secunia.com/advisories/32349
http://secunia.com/advisories/32460
http://secunia.com/advisories/33005
http://secunia.com/advisories/38794
http://secunia.com/advisories/43068
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.vupen.com/english/advisories/2008/2642
http://www.vupen.com/english/advisories/2008/3347
http://www.vupen.com/english/advisories/2010/0528
http://www.vupen.com/english/advisories/2011/0212
XForce ISS Database: gnued-stripescapes-bo(44643)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44643

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.61720
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2008:0946
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2008:0946. ed is a line-oriented text editor, used to create, display, and modify text files (both interactively and via shell scripts). A heap-based buffer overflow was discovered in the way ed, the GNU line editor, processed long file names. An attacker could create a file with a specially-crafted name that could possibly execute an arbitrary code when opened in the ed editor. (CVE-2008-3916) Users of ed should upgrade to this updated package, which contains a backported patch to resolve this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0946.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3916 BugTraq ID: 30815 http://www.securityfocus.com/bid/30815 Bugtraq: 20090227 VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console package ed (Google Search) http://www.securityfocus.com/archive/1/501298/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00847.html https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00873.html http://security.gentoo.org/glsa/glsa-200809-15.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:200 http://lists.gnu.org/archive/html/bug-ed/2008-08/msg00000.html http://lists.vmware.com/pipermail/security-announce/2010/000082.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10678 http://www.redhat.com/support/errata/RHSA-2008-0946.html http://www.securitytracker.com/id?1020734 http://secunia.com/advisories/32349 http://secunia.com/advisories/32460 http://secunia.com/advisories/33005 http://secunia.com/advisories/38794 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2008/2642 http://www.vupen.com/english/advisories/2008/3347 http://www.vupen.com/english/advisories/2010/0528 http://www.vupen.com/english/advisories/2011/0212 XForce ISS Database: gnued-stripescapes-bo(44643) https://exchange.xforce.ibmcloud.com/vulnerabilities/44643
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com