Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200903-29 (bluez-utils bluez-libs)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63613

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200903-29 (bluez-utils bluez-libs)

Resumen: The remote host is missing updates announced in;advisory GLSA 200903-29.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200903-29.

Vulnerability Insight:
Insufficient input validation in BlueZ may lead to arbitrary code execution
or a Denial of Service.

Solution:
All bluez-utils users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-wireless/bluez-utils-3.36'

All bluez-libs users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-wireless/bluez-libs-3.36'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-2374
1020479
http://www.securitytracker.com/id?1020479
30105
http://www.securityfocus.com/bid/30105
30957
http://secunia.com/advisories/30957
31057
http://secunia.com/advisories/31057
31833
http://secunia.com/advisories/31833
32099
http://secunia.com/advisories/32099
32279
http://secunia.com/advisories/32279
34280
http://secunia.com/advisories/34280
ADV-2008-2096
http://www.vupen.com/english/advisories/2008/2096/references
FEDORA-2008-6133
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00233.html
FEDORA-2008-6140
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00396.html
GLSA-200903-29
http://security.gentoo.org/glsa/glsa-200903-29.xml
MDVSA-2008:145
http://www.mandriva.com/security/advisories?name=MDVSA-2008:145
RHSA-2008:0581
http://www.redhat.com/support/errata/RHSA-2008-0581.html
SUSE-SR:2008:019
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
[bluez-devel] 20080616 SDP payload processing vulnerability
http://sourceforge.net/mailarchive/message.php?msg_name=b32d44000806161327u680c290au54fd21f2fef1d58e%40mail.gmail.com
http://www.bluez.org/bluez-334/
oval:org.mitre.oval:def:9973
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9973

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63613
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200903-29 (bluez-utils bluez-libs)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200903-29.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200903-29. Vulnerability Insight: Insufficient input validation in BlueZ may lead to arbitrary code execution or a Denial of Service. Solution: All bluez-utils users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-wireless/bluez-utils-3.36' All bluez-libs users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-wireless/bluez-libs-3.36' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2374 1020479 http://www.securitytracker.com/id?1020479 30105 http://www.securityfocus.com/bid/30105 30957 http://secunia.com/advisories/30957 31057 http://secunia.com/advisories/31057 31833 http://secunia.com/advisories/31833 32099 http://secunia.com/advisories/32099 32279 http://secunia.com/advisories/32279 34280 http://secunia.com/advisories/34280 ADV-2008-2096 http://www.vupen.com/english/advisories/2008/2096/references FEDORA-2008-6133 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00233.html FEDORA-2008-6140 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00396.html GLSA-200903-29 http://security.gentoo.org/glsa/glsa-200903-29.xml MDVSA-2008:145 http://www.mandriva.com/security/advisories?name=MDVSA-2008:145 RHSA-2008:0581 http://www.redhat.com/support/errata/RHSA-2008-0581.html SUSE-SR:2008:019 http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html [bluez-devel] 20080616 SDP payload processing vulnerability http://sourceforge.net/mailarchive/message.php?msg_name=b32d44000806161327u680c290au54fd21f2fef1d58e%40mail.gmail.com http://www.bluez.org/bluez-334/ oval:org.mitre.oval:def:9973 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9973
Copyright	Copyright (C) 2009 E-Soft Inc.