ID de Prueba:	1.3.6.1.4.1.25623.1.0.64673
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:1238
Resumen:	The remote host is missing updates announced in;advisory RHSA-2009:1238.;;Dnsmasq is a lightweight and easy to configure DNS forwarder and DHCP;server.;;Core Security Technologies discovered a heap overflow flaw in dnsmasq when;the TFTP service is enabled (the --enable-tftp command line option, or by;enabling enable-tftp in /etc/dnsmasq.conf). If the configured tftp-root;is sufficiently long, and a remote user sends a request that sends a long;file name, dnsmasq could crash or, possibly, execute arbitrary code with;the privileges of the dnsmasq service (usually the unprivileged nobody;user). (CVE-2009-2957);;A NULL pointer dereference flaw was discovered in dnsmasq when the TFTP;service is enabled. This flaw could allow a malicious TFTP client to crash;the dnsmasq service. (CVE-2009-2958);;Note: The default tftp-root is /var/ftpd, which is short enough to make;it difficult to exploit the CVE-2009-2957 issue. If a longer directory name;is used, arbitrary code execution may be possible. As well, the dnsmasq;package distributed by Red Hat does not have TFTP support enabled by;default.;;All users of dnsmasq should upgrade to this updated package, which contains;a backported patch to correct these issues. After installing the updated;package, the dnsmasq service must be restarted for the update to take;effect.
Descripción:	Summary: The remote host is missing updates announced in advisory RHSA-2009:1238. Dnsmasq is a lightweight and easy to configure DNS forwarder and DHCP server. Core Security Technologies discovered a heap overflow flaw in dnsmasq when the TFTP service is enabled (the --enable-tftp command line option, or by enabling enable-tftp in /etc/dnsmasq.conf). If the configured tftp-root is sufficiently long, and a remote user sends a request that sends a long file name, dnsmasq could crash or, possibly, execute arbitrary code with the privileges of the dnsmasq service (usually the unprivileged nobody user). (CVE-2009-2957) A NULL pointer dereference flaw was discovered in dnsmasq when the TFTP service is enabled. This flaw could allow a malicious TFTP client to crash the dnsmasq service. (CVE-2009-2958) Note: The default tftp-root is /var/ftpd, which is short enough to make it difficult to exploit the CVE-2009-2957 issue. If a longer directory name is used, arbitrary code execution may be possible. As well, the dnsmasq package distributed by Red Hat does not have TFTP support enabled by default. All users of dnsmasq should upgrade to this updated package, which contains a backported patch to correct these issues. After installing the updated package, the dnsmasq service must be restarted for the update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2957 BugTraq ID: 36121 http://www.securityfocus.com/bid/36121 http://www.coresecurity.com/content/dnsmasq-vulnerabilities https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10538 http://www.redhat.com/support/errata/RHSA-2009-1238.html RedHat Security Advisories: RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html http://secunia.com/advisories/36563 http://www.ubuntu.com/usn/USN-827-1 Common Vulnerability Exposure (CVE) ID: CVE-2009-2958 BugTraq ID: 36120 http://www.securityfocus.com/bid/36120 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9816
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.