ID de Prueba:	1.3.6.1.4.1.25623.1.0.67289
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: irssi
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: irssi zh-irssi irssi-devel CVE-2010-1155 Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IRC servers via an arbitrary certificate. CVE-2010-1156 core/nicklist.c in Irssi before 0.8.15 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an attempted fuzzy nick match at the instant that a victim leaves a channel. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1155 39365 http://secunia.com/advisories/39365 39620 http://secunia.com/advisories/39620 39797 http://secunia.com/advisories/39797 ADV-2010-0856 http://www.vupen.com/english/advisories/2010/0856 ADV-2010-0987 http://www.vupen.com/english/advisories/2010/0987 ADV-2010-1107 http://www.vupen.com/english/advisories/2010/1107 ADV-2010-1110 http://www.vupen.com/english/advisories/2010/1110 FEDORA-2010-6629 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041054.html SSA:2010-116-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.497301 SUSE-SR:2010:011 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html USN-929-1 http://www.ubuntu.com/usn/USN-929-1 [oss-security] 20100411 CVE request: irssi 0.8.15 http://marc.info/?l=oss-security&m=127098845125270&w=2 [oss-security] 20100412 Re: CVE request: irssi 0.8.15 http://marc.info/?l=oss-security&m=127110132019166&w=2 [oss-security] 20100413 Re: CVE request: irssi 0.8.15 http://marc.info/?l=oss-security&m=127116251220784&w=2 http://marc.info/?l=oss-security&m=127119240204394&w=2 http://github.com/ensc/irssi-proxy/commit/85bbc05b21678e80423815d2ef1dfe26208491ab http://irssi.org/news http://irssi.org/news/ChangeLog irssi-hostname-mitm(57790) https://exchange.xforce.ibmcloud.com/vulnerabilities/57790 Common Vulnerability Exposure (CVE) ID: CVE-2010-1156 1023845 http://securitytracker.com/id?1023845 http://marc.info/?l=oss-security&m=127111071631857&w=2 http://marc.info/?l=oss-security&m=127115784314970&w=2 http://svn.irssi.org/cgi-bin/viewvc.cgi/irssi/trunk/src/core/nicklist.c?root=irssi&r1=4922&r2=5126 irssi-unspecified-dos(57791) https://exchange.xforce.ibmcloud.com/vulnerabilities/57791
Copyright	Copyright (C) 2010 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.