ID de Prueba:	1.3.6.1.4.1.25623.1.0.67744
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2010:0603
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2010:0603. The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A use-after-free flaw was found in the way gpgsm, a Cryptographic Message Syntax (CMS) encryption and signing tool, handled X.509 certificates with a large number of Subject Alternate Names. A specially-crafted X.509 certificate could, when imported, cause gpgsm to crash or, possibly, execute arbitrary code. (CVE-2010-2547) All gnupg2 users should upgrade to this updated package, which contains a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0603.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : High CVSS Score: 5.1
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2547 1024247 http://www.securitytracker.com/id?1024247 38877 http://secunia.com/advisories/38877 40718 http://secunia.com/advisories/40718 40841 http://secunia.com/advisories/40841 41945 http://www.securityfocus.com/bid/41945 ADV-2010-1931 http://www.vupen.com/english/advisories/2010/1931 ADV-2010-1950 http://www.vupen.com/english/advisories/2010/1950 ADV-2010-1988 http://www.vupen.com/english/advisories/2010/1988 ADV-2010-2217 http://www.vupen.com/english/advisories/2010/2217 ADV-2010-3125 http://www.vupen.com/english/advisories/2010/3125 DSA-2076 http://www.debian.org/security/2010/dsa-2076 FEDORA-2010-11413 http://lists.fedoraproject.org/pipermail/package-announce/2010-August/044935.html MDVSA-2010:143 http://www.mandriva.com/security/advisories?name=MDVSA-2010:143 SSA:2010-240-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.462008 SUSE-SR:2010:020 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00001.html [gnupg-announce] 20100723 [Announce] Security Alert for GnuPG 2.0 - Realloc bug in GPGSM http://lists.gnupg.org/pipermail/gnupg-announce/2010q3/000302.html http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0076 https://issues.rpath.com/browse/RPL-3229
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.