Debian Local Security Checks : Debian Security Advisory DSA 1726-1 (python-crypto)

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63572

Categoría: Debian Local Security Checks

Título: Debian Security Advisory DSA 1726-1 (python-crypto)

Resumen: Debian Security Advisory DSA 1726-1 (python-crypto)

Descripción: The remote host is missing an update to python-crypto
announced via advisory DSA 1726-1.

Mike Wiacek discovered that a buffer overflow in the ARC2 implementation
of Python Crypto, a collection of cryptographic algorithms and protocols
for Python allows denial of service and potentially the execution of
arbitrary code.

For the stable distribution (lenny), this problem has been fixed in
version 2.0.1+dfsg1-2.3+lenny0.

Due to a technical limitation in the Debian archive management scripts
the update for the old stable distribution (etch) cannot be released
synchronously. It will be fixed in version 2.0.1+dfsg1-1.2+etch0 soon.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your python-crypto package.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%201726-1

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-0544
http://www.openwall.com/lists/oss-security/2009/02/07/1
http://www.openwall.com/lists/oss-security/2009/02/12/5
http://www.gentoo.org/security/en/glsa/glsa-200903-11.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:049
http://www.mandriva.com/security/advisories?name=MDVSA-2009:050
SuSE Security Announcement: SUSE-SR:2009:010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
BugTraq ID: 33674
http://www.securityfocus.com/bid/33674
http://secunia.com/advisories/34199
http://secunia.com/advisories/35065
XForce ISS Database: pycrypto-arc2module-bo(48617)
http://xforce.iss.net/xforce/xfdb/48617

Copyright Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63572
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 1726-1 (python-crypto)
Resumen:	Debian Security Advisory DSA 1726-1 (python-crypto)
Descripción:	The remote host is missing an update to python-crypto announced via advisory DSA 1726-1. Mike Wiacek discovered that a buffer overflow in the ARC2 implementation of Python Crypto, a collection of cryptographic algorithms and protocols for Python allows denial of service and potentially the execution of arbitrary code. For the stable distribution (lenny), this problem has been fixed in version 2.0.1+dfsg1-2.3+lenny0. Due to a technical limitation in the Debian archive management scripts the update for the old stable distribution (etch) cannot be released synchronously. It will be fixed in version 2.0.1+dfsg1-1.2+etch0 soon. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your python-crypto package. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%201726-1
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0544 http://www.openwall.com/lists/oss-security/2009/02/07/1 http://www.openwall.com/lists/oss-security/2009/02/12/5 http://www.gentoo.org/security/en/glsa/glsa-200903-11.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:049 http://www.mandriva.com/security/advisories?name=MDVSA-2009:050 SuSE Security Announcement: SUSE-SR:2009:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html BugTraq ID: 33674 http://www.securityfocus.com/bid/33674 http://secunia.com/advisories/34199 http://secunia.com/advisories/35065 XForce ISS Database: pycrypto-arc2module-bo(48617) http://xforce.iss.net/xforce/xfdb/48617
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com