Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200904-20 (cups)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63892

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200904-20 (cups)

Resumen: The remote host is missing updates announced in;advisory GLSA 200904-20.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200904-20.

Vulnerability Insight:
Multiple errors in CUPS might allow for the remote execution of arbitrary
code or DNS rebinding attacks.

Solution:
All CUPS users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-print/cups-1.3.10'

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-0146
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
BugTraq ID: 34568
http://www.securityfocus.com/bid/34568
Bugtraq: 20090417 rPSA-2009-0059-1 poppler (Google Search)
http://www.securityfocus.com/archive/1/502761/100/0/threaded
Bugtraq: 20090417 rPSA-2009-0061-1 cups (Google Search)
http://www.securityfocus.com/archive/1/502750/100/0/threaded
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
Debian Security Information: DSA-1790 (Google Search)
http://www.debian.org/security/2009/dsa-1790
Debian Security Information: DSA-1793 (Google Search)
http://www.debian.org/security/2009/dsa-1793
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
http://security.gentoo.org/glsa/glsa-200904-20.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632
http://www.redhat.com/support/errata/RHSA-2009-0429.html
http://www.redhat.com/support/errata/RHSA-2009-0430.html
http://www.redhat.com/support/errata/RHSA-2009-0431.html
RedHat Security Advisories: RHSA-2009:0458
http://rhn.redhat.com/errata/RHSA-2009-0458.html
http://www.redhat.com/support/errata/RHSA-2009-0480.html
http://www.securitytracker.com/id?1022073
http://secunia.com/advisories/34291
http://secunia.com/advisories/34481
http://secunia.com/advisories/34755
http://secunia.com/advisories/34756
http://secunia.com/advisories/34852
http://secunia.com/advisories/34959
http://secunia.com/advisories/34963
http://secunia.com/advisories/34991
http://secunia.com/advisories/35037
http://secunia.com/advisories/35064
http://secunia.com/advisories/35065
http://secunia.com/advisories/35074
http://secunia.com/advisories/35618
http://secunia.com/advisories/35685
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
SuSE Security Announcement: SUSE-SA:2009:024 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
SuSE Security Announcement: SUSE-SR:2009:010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://www.vupen.com/english/advisories/2009/1065
http://www.vupen.com/english/advisories/2009/1066
http://www.vupen.com/english/advisories/2009/1077
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2009/1621
http://www.vupen.com/english/advisories/2010/1040
Common Vulnerability Exposure (CVE) ID: CVE-2009-0147
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941
Common Vulnerability Exposure (CVE) ID: CVE-2009-0163
BugTraq ID: 34571
http://www.securityfocus.com/bid/34571
Debian Security Information: DSA-1773 (Google Search)
http://www.debian.org/security/2009/dsa-1773
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11546
http://www.redhat.com/support/errata/RHSA-2009-0428.html
http://www.securitytracker.com/id?1022070
http://secunia.com/advisories/34722
http://secunia.com/advisories/34747
http://www.ubuntu.com/usn/usn-760-1
Common Vulnerability Exposure (CVE) ID: CVE-2009-0164
BugTraq ID: 34665
http://www.securityfocus.com/bid/34665
Common Vulnerability Exposure (CVE) ID: CVE-2009-0166
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63892
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200904-20 (cups)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200904-20.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200904-20. Vulnerability Insight: Multiple errors in CUPS might allow for the remote execution of arbitrary code or DNS rebinding attacks. Solution: All CUPS users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-print/cups-1.3.10' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0146 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html BugTraq ID: 34568 http://www.securityfocus.com/bid/34568 Bugtraq: 20090417 rPSA-2009-0059-1 poppler (Google Search) http://www.securityfocus.com/archive/1/502761/100/0/threaded Bugtraq: 20090417 rPSA-2009-0061-1 cups (Google Search) http://www.securityfocus.com/archive/1/502750/100/0/threaded Cert/CC Advisory: TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html Debian Security Information: DSA-1790 (Google Search) http://www.debian.org/security/2009/dsa-1790 Debian Security Information: DSA-1793 (Google Search) http://www.debian.org/security/2009/dsa-1793 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html http://security.gentoo.org/glsa/glsa-200904-20.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632 http://www.redhat.com/support/errata/RHSA-2009-0429.html http://www.redhat.com/support/errata/RHSA-2009-0430.html http://www.redhat.com/support/errata/RHSA-2009-0431.html RedHat Security Advisories: RHSA-2009:0458 http://rhn.redhat.com/errata/RHSA-2009-0458.html http://www.redhat.com/support/errata/RHSA-2009-0480.html http://www.securitytracker.com/id?1022073 http://secunia.com/advisories/34291 http://secunia.com/advisories/34481 http://secunia.com/advisories/34755 http://secunia.com/advisories/34756 http://secunia.com/advisories/34852 http://secunia.com/advisories/34959 http://secunia.com/advisories/34963 http://secunia.com/advisories/34991 http://secunia.com/advisories/35037 http://secunia.com/advisories/35064 http://secunia.com/advisories/35065 http://secunia.com/advisories/35074 http://secunia.com/advisories/35618 http://secunia.com/advisories/35685 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 SuSE Security Announcement: SUSE-SA:2009:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html SuSE Security Announcement: SUSE-SR:2009:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://www.vupen.com/english/advisories/2009/1065 http://www.vupen.com/english/advisories/2009/1066 http://www.vupen.com/english/advisories/2009/1077 http://www.vupen.com/english/advisories/2009/1297 http://www.vupen.com/english/advisories/2009/1621 http://www.vupen.com/english/advisories/2010/1040 Common Vulnerability Exposure (CVE) ID: CVE-2009-0147 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941 Common Vulnerability Exposure (CVE) ID: CVE-2009-0163 BugTraq ID: 34571 http://www.securityfocus.com/bid/34571 Debian Security Information: DSA-1773 (Google Search) http://www.debian.org/security/2009/dsa-1773 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11546 http://www.redhat.com/support/errata/RHSA-2009-0428.html http://www.securitytracker.com/id?1022070 http://secunia.com/advisories/34722 http://secunia.com/advisories/34747 http://www.ubuntu.com/usn/usn-760-1 Common Vulnerability Exposure (CVE) ID: CVE-2009-0164 BugTraq ID: 34665 http://www.securityfocus.com/bid/34665 Common Vulnerability Exposure (CVE) ID: CVE-2009-0166 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778
Copyright	Copyright (C) 2009 E-Soft Inc.