ID de Prueba:	1.3.6.1.4.1.25623.1.0.67062
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2010:0143
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2010:0143. GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially-crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting this issue. Users of cpio are advised to upgrade to this updated package, which contains a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0143.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : High CVSS Score: 6.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0624 Bugtraq: 20101027 rPSA-2010-0070-1 cpio tar (Google Search) http://www.securityfocus.com/archive/1/514503/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036668.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038134.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038149.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037395.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037401.html http://security.gentoo.org/glsa/glsa-201111-11.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:065 http://www.agrs.tu-berlin.de/index.php?id=78327 http://osvdb.org/62950 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10277 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6907 http://www.redhat.com/support/errata/RHSA-2010-0141.html http://www.redhat.com/support/errata/RHSA-2010-0142.html http://www.redhat.com/support/errata/RHSA-2010-0144.html http://www.redhat.com/support/errata/RHSA-2010-0145.html http://secunia.com/advisories/38869 http://secunia.com/advisories/38988 http://secunia.com/advisories/39008 SuSE Security Announcement: SUSE-SR:2010:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html http://www.ubuntu.com/usn/USN-2456-1 http://www.vupen.com/english/advisories/2010/0628 http://www.vupen.com/english/advisories/2010/0629 http://www.vupen.com/english/advisories/2010/0639 http://www.vupen.com/english/advisories/2010/0687 http://www.vupen.com/english/advisories/2010/0728 http://www.vupen.com/english/advisories/2010/0729 http://www.vupen.com/english/advisories/2010/1107
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.