ID de Prueba:	1.3.6.1.4.1.25623.1.0.61920
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: enscript-a4, enscript-letter, enscript-letterdj
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: enscript-a4 enscript-letter enscript-letterdj CVE-2008-3863 Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command. CVE-2008-4306 Unspecified vulnerability in enscript before 1.6.4 in Ubuntu Linux 6.06 LTS, 7.10, 8.04 LTS, and 8.10 has unknown impact and attack vectors, possibly related to a buffer overflow. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3863 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html BugTraq ID: 31858 http://www.securityfocus.com/bid/31858 Bugtraq: 20081022 Secunia Research: GNU Enscript "setfilename" Special Escape Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/497647/100/0/threaded Bugtraq: 20081117 rPSA-2008-0321-1 enscript (Google Search) http://www.securityfocus.com/archive/1/498385/100/0/threaded Cert/CC Advisory: TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html Debian Security Information: DSA-1670 (Google Search) http://www.debian.org/security/2008/dsa-1670 https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00014.html https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00040.html http://security.gentoo.org/glsa/glsa-200812-02.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:243 http://secunia.com/secunia_research/2008-41/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9939 http://www.redhat.com/support/errata/RHSA-2008-1016.html RedHat Security Advisories: RHSA-2008:1021 http://rhn.redhat.com/errata/RHSA-2008-1021.html http://secunia.com/advisories/32137 http://secunia.com/advisories/32521 http://secunia.com/advisories/32530 http://secunia.com/advisories/32753 http://secunia.com/advisories/32854 http://secunia.com/advisories/32970 http://secunia.com/advisories/33109 http://secunia.com/advisories/35074 http://securityreason.com/securityalert/4488 SuSE Security Announcement: SUSE-SR:2008:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html http://www.ubuntu.com/usn/usn-660-1 http://www.vupen.com/english/advisories/2008/2891 http://www.vupen.com/english/advisories/2009/1297 XForce ISS Database: gnuenscript-readspecialescape-bo(46026) https://exchange.xforce.ibmcloud.com/vulnerabilities/46026 Common Vulnerability Exposure (CVE) ID: CVE-2008-4306 20081117 rPSA-2008-0321-1 enscript 32521 32530 32753 32854 32970 33109 49569 http://osvdb.org/49569 DSA-1670 FEDORA-2008-9351 FEDORA-2008-9372 GLSA-200812-02 MDVSA-2008:243 RHSA-2008:1016 RHSA-2008:1021 SUSE-SR:2008:024 USN-660-1 http://support.avaya.com/elmodocs2/security/ASA-2008-504.htm http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0321 https://issues.rpath.com/browse/RPL-2887 oval:org.mitre.oval:def:10718 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10718
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.