Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200908-07 (Compress-Raw-Zlib Compress-Raw-Bzip2)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.64764

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200908-07 (Compress-Raw-Zlib Compress-Raw-Bzip2)

Resumen: The remote host is missing updates announced in;advisory GLSA 200908-07.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200908-07.

Vulnerability Insight:
An off-by-one error in Compress::Raw::Zlib and Compress::Raw::Bzip2 might
lead to a Denial of Service.

Solution:
All Compress::Raw::Zlib users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose =perl-core/Compress-Raw-Zlib-2.020

All Compress::Raw::Bzip2 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose =perl-core/Compress-Raw-Bzip2-2.020

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-1391
BugTraq ID: 35307
http://www.securityfocus.com/bid/35307
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00607.html
http://security.gentoo.org/glsa/glsa-200908-07.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:157
http://article.gmane.org/gmane.mail.virus.amavis.user/33635
http://article.gmane.org/gmane.mail.virus.amavis.user/33638
http://thread.gmane.org/gmane.mail.virus.amavis.user/33635
http://osvdb.org/55041
http://secunia.com/advisories/35422
http://secunia.com/advisories/35685
http://secunia.com/advisories/35689
http://secunia.com/advisories/35876
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
https://usn.ubuntu.com/794-1/
http://www.vupen.com/english/advisories/2009/1571
XForce ISS Database: perl-compressrawzlib-inflate-bo(51062)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51062
Common Vulnerability Exposure (CVE) ID: CVE-2009-1884
36082
http://www.securityfocus.com/bid/36082
36386
http://secunia.com/advisories/36386
36415
http://secunia.com/advisories/36415
FEDORA-2009-8868
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00982.html
FEDORA-2009-8888
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00999.html
GLSA-200908-07
compressrawbzip2-bzinflate-dos(52628)
https://exchange.xforce.ibmcloud.com/vulnerabilities/52628
https://bugs.gentoo.org/show_bug.cgi?id=281955
https://bugzilla.redhat.com/show_bug.cgi?id=518278

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.64764
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200908-07 (Compress-Raw-Zlib Compress-Raw-Bzip2)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200908-07.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200908-07. Vulnerability Insight: An off-by-one error in Compress::Raw::Zlib and Compress::Raw::Bzip2 might lead to a Denial of Service. Solution: All Compress::Raw::Zlib users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =perl-core/Compress-Raw-Zlib-2.020 All Compress::Raw::Bzip2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =perl-core/Compress-Raw-Bzip2-2.020 CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1391 BugTraq ID: 35307 http://www.securityfocus.com/bid/35307 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00607.html http://security.gentoo.org/glsa/glsa-200908-07.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:157 http://article.gmane.org/gmane.mail.virus.amavis.user/33635 http://article.gmane.org/gmane.mail.virus.amavis.user/33638 http://thread.gmane.org/gmane.mail.virus.amavis.user/33635 http://osvdb.org/55041 http://secunia.com/advisories/35422 http://secunia.com/advisories/35685 http://secunia.com/advisories/35689 http://secunia.com/advisories/35876 SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html https://usn.ubuntu.com/794-1/ http://www.vupen.com/english/advisories/2009/1571 XForce ISS Database: perl-compressrawzlib-inflate-bo(51062) https://exchange.xforce.ibmcloud.com/vulnerabilities/51062 Common Vulnerability Exposure (CVE) ID: CVE-2009-1884 36082 http://www.securityfocus.com/bid/36082 36386 http://secunia.com/advisories/36386 36415 http://secunia.com/advisories/36415 FEDORA-2009-8868 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00982.html FEDORA-2009-8888 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00999.html GLSA-200908-07 compressrawbzip2-bzinflate-dos(52628) https://exchange.xforce.ibmcloud.com/vulnerabilities/52628 https://bugs.gentoo.org/show_bug.cgi?id=281955 https://bugzilla.redhat.com/show_bug.cgi?id=518278
Copyright	Copyright (C) 2009 E-Soft Inc.