Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2009:010 (qemu)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63197

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDVSA-2009:010 (qemu)

Resumen: The remote host is missing an update to qemu;announced via advisory MDVSA-2009:010.

Descripción: Summary:
The remote host is missing an update to qemu
announced via advisory MDVSA-2009:010.

Vulnerability Insight:
A security vulnerability have been discovered and corrected
in VNC server of qemu 0.9.1 and earlier, which could lead to a
denial-of-service attack (CVE-2008-2382).

The updated packages have been patched to prevent this.

Affected: 2008.0, 2008.1

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-2382
BugTraq ID: 32910
http://www.securityfocus.com/bid/32910
Bugtraq: 20081222 CORE-2008-1210: Qemu and KVM VNC server remote DoS (Google Search)
http://www.securityfocus.com/archive/1/499502/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html
http://www.coresecurity.com/content/vnc-remote-dos
http://securitytracker.com/id?1021488
http://securitytracker.com/id?1021489
http://secunia.com/advisories/33293
http://secunia.com/advisories/33303
http://secunia.com/advisories/33350
http://secunia.com/advisories/33568
http://secunia.com/advisories/34642
http://secunia.com/advisories/35062
http://securityreason.com/securityalert/4803
SuSE Security Announcement: SUSE-SR:2009:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
SuSE Security Announcement: SUSE-SR:2009:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
http://www.ubuntu.com/usn/usn-776-1
http://www.vupen.com/english/advisories/2008/3488
http://www.vupen.com/english/advisories/2008/3489
XForce ISS Database: qemu-kvm-protocolclientmsg-dos(47561)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47561

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63197
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2009:010 (qemu)
Resumen:	The remote host is missing an update to qemu;announced via advisory MDVSA-2009:010.
Descripción:	Summary: The remote host is missing an update to qemu announced via advisory MDVSA-2009:010. Vulnerability Insight: A security vulnerability have been discovered and corrected in VNC server of qemu 0.9.1 and earlier, which could lead to a denial-of-service attack (CVE-2008-2382). The updated packages have been patched to prevent this. Affected: 2008.0, 2008.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2382 BugTraq ID: 32910 http://www.securityfocus.com/bid/32910 Bugtraq: 20081222 CORE-2008-1210: Qemu and KVM VNC server remote DoS (Google Search) http://www.securityfocus.com/archive/1/499502/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01223.html http://www.coresecurity.com/content/vnc-remote-dos http://securitytracker.com/id?1021488 http://securitytracker.com/id?1021489 http://secunia.com/advisories/33293 http://secunia.com/advisories/33303 http://secunia.com/advisories/33350 http://secunia.com/advisories/33568 http://secunia.com/advisories/34642 http://secunia.com/advisories/35062 http://securityreason.com/securityalert/4803 SuSE Security Announcement: SUSE-SR:2009:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html SuSE Security Announcement: SUSE-SR:2009:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://www.ubuntu.com/usn/usn-776-1 http://www.vupen.com/english/advisories/2008/3488 http://www.vupen.com/english/advisories/2008/3489 XForce ISS Database: qemu-kvm-protocolclientmsg-dos(47561) https://exchange.xforce.ibmcloud.com/vulnerabilities/47561
Copyright	Copyright (C) 2009 E-Soft Inc.