Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200908-05 (subversion)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.64762

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200908-05 (subversion)

Resumen: The remote host is missing updates announced in;advisory GLSA 200908-05.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200908-05.

Vulnerability Insight:
Multiple integer overflows, leading to heap-based buffer overflows in the
Subversion client and server might allow remote attackers to execute
arbitrary code.

Solution:
All Subversion users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose =dev-util/subversion-1.6.4

CVSS Score:
8.5

CVSS Vector:
AV:N/AC:M/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-2411
1022697
http://www.securitytracker.com/id?1022697
20090807 Subversion heap overflow
http://archives.neohapsis.com/archives/bugtraq/2009-08/0056.html
35983
http://www.securityfocus.com/bid/35983
36184
http://secunia.com/advisories/36184
36224
http://secunia.com/advisories/36224
36232
http://secunia.com/advisories/36232
36257
http://secunia.com/advisories/36257
36262
http://secunia.com/advisories/36262
56856
http://osvdb.org/56856
ADV-2009-2180
http://www.vupen.com/english/advisories/2009/2180
ADV-2009-3184
http://www.vupen.com/english/advisories/2009/3184
APPLE-SA-2009-11-09-1
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
DSA-1855
http://www.debian.org/security/2009/dsa-1855
FEDORA-2009-8432
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00469.html
FEDORA-2009-8449
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00485.html
MDVSA-2009:199
http://www.mandriva.com/security/advisories?name=MDVSA-2009:199
RHSA-2009:1203
http://www.redhat.com/support/errata/RHSA-2009-1203.html
USN-812-1
http://www.ubuntu.com/usn/usn-812-1
[dev] 20090806 Patch to 1.4.x branch for CVE-2009-2411
http://svn.haxx.se/dev/archive-2009-08/0110.shtml
[dev] 20090806 Subversion 1.5.7 Released
http://svn.haxx.se/dev/archive-2009-08/0108.shtml
[dev] 20090806 Subversion 1.6.4 Released
http://svn.haxx.se/dev/archive-2009-08/0107.shtml
http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt
http://support.apple.com/kb/HT3937
http://svn.collab.net/repos/svn/tags/1.5.7/CHANGES
http://svn.collab.net/repos/svn/tags/1.6.4/CHANGES
oval:org.mitre.oval:def:11465
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11465

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.64762
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200908-05 (subversion)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200908-05.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200908-05. Vulnerability Insight: Multiple integer overflows, leading to heap-based buffer overflows in the Subversion client and server might allow remote attackers to execute arbitrary code. Solution: All Subversion users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =dev-util/subversion-1.6.4 CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2411 1022697 http://www.securitytracker.com/id?1022697 20090807 Subversion heap overflow http://archives.neohapsis.com/archives/bugtraq/2009-08/0056.html 35983 http://www.securityfocus.com/bid/35983 36184 http://secunia.com/advisories/36184 36224 http://secunia.com/advisories/36224 36232 http://secunia.com/advisories/36232 36257 http://secunia.com/advisories/36257 36262 http://secunia.com/advisories/36262 56856 http://osvdb.org/56856 ADV-2009-2180 http://www.vupen.com/english/advisories/2009/2180 ADV-2009-3184 http://www.vupen.com/english/advisories/2009/3184 APPLE-SA-2009-11-09-1 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html DSA-1855 http://www.debian.org/security/2009/dsa-1855 FEDORA-2009-8432 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00469.html FEDORA-2009-8449 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00485.html MDVSA-2009:199 http://www.mandriva.com/security/advisories?name=MDVSA-2009:199 RHSA-2009:1203 http://www.redhat.com/support/errata/RHSA-2009-1203.html USN-812-1 http://www.ubuntu.com/usn/usn-812-1 [dev] 20090806 Patch to 1.4.x branch for CVE-2009-2411 http://svn.haxx.se/dev/archive-2009-08/0110.shtml [dev] 20090806 Subversion 1.5.7 Released http://svn.haxx.se/dev/archive-2009-08/0108.shtml [dev] 20090806 Subversion 1.6.4 Released http://svn.haxx.se/dev/archive-2009-08/0107.shtml http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt http://support.apple.com/kb/HT3937 http://svn.collab.net/repos/svn/tags/1.5.7/CHANGES http://svn.collab.net/repos/svn/tags/1.6.4/CHANGES oval:org.mitre.oval:def:11465 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11465
Copyright	Copyright (C) 2009 E-Soft Inc.