ID de Prueba:	1.3.6.1.4.1.25623.1.0.63739
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200904-01 (openfire)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200904-01.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200904-01. Vulnerability Insight: Multiple vulnerabilities were discovered in Openfire, the worst of which may allow remote execution of arbitrary code. Solution: All Openfire users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-im/openfire-3.6.3' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-6508 BugTraq ID: 32189 http://www.securityfocus.com/bid/32189 Bugtraq: 20081108 [AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...) (Google Search) http://www.securityfocus.com/archive/1/498162/100/0/threaded https://www.exploit-db.com/exploits/7075 http://www.andreas-kurtz.de/advisories/AKADV2008-001-v1.0.txt http://www.andreas-kurtz.de/archives/63 http://osvdb.org/49663 http://secunia.com/advisories/32478 http://www.vupen.com/english/advisories/2008/3061 XForce ISS Database: openfire-authcheckfilter-security-bypass(46488) https://exchange.xforce.ibmcloud.com/vulnerabilities/46488 Common Vulnerability Exposure (CVE) ID: CVE-2008-6509 http://osvdb.org/51912 XForce ISS Database: openfire-siparklogsummary-sql-injection(46487) https://exchange.xforce.ibmcloud.com/vulnerabilities/46487 Common Vulnerability Exposure (CVE) ID: CVE-2008-6510 XForce ISS Database: openfire-url-xss(46486) https://exchange.xforce.ibmcloud.com/vulnerabilities/46486 Common Vulnerability Exposure (CVE) ID: CVE-2008-6511 Common Vulnerability Exposure (CVE) ID: CVE-2009-0496 BugTraq ID: 32935 http://www.securityfocus.com/bid/32935 BugTraq ID: 32937 http://www.securityfocus.com/bid/32937 BugTraq ID: 32938 http://www.securityfocus.com/bid/32938 BugTraq ID: 32939 http://www.securityfocus.com/bid/32939 BugTraq ID: 32940 http://www.securityfocus.com/bid/32940 BugTraq ID: 32943 http://www.securityfocus.com/bid/32943 BugTraq ID: 32944 http://www.securityfocus.com/bid/32944 Bugtraq: 20090108 CORE-2008-1128: Openfire multiple vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/499880/100/0/threaded http://www.coresecurity.com/content/openfire-multiple-vulnerabilities http://secunia.com/advisories/33452 XForce ISS Database: openfire-mucroomeditform-xss(47845) https://exchange.xforce.ibmcloud.com/vulnerabilities/47845 XForce ISS Database: openfire-multiple-scripts-xss(47834) https://exchange.xforce.ibmcloud.com/vulnerabilities/47834 XForce ISS Database: openfire-serverproperties-xss(47835) https://exchange.xforce.ibmcloud.com/vulnerabilities/47835 Common Vulnerability Exposure (CVE) ID: CVE-2009-0497 BugTraq ID: 32945 http://www.securityfocus.com/bid/32945 http://svn.igniterealtime.org/svn/repos/openfire/trunk/src/web/log.jsp https://bugs.gentoo.org/show_bug.cgi?id=257585 XForce ISS Database: openfire-log-directory-traversal(47806) https://exchange.xforce.ibmcloud.com/vulnerabilities/47806
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.