ID de Prueba:	1.3.6.1.4.1.25623.1.0.68025
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2010:0720
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2010:0720. MikMod is a MOD music file player for Linux, UNIX, and similar operating systems. It supports various file formats including MOD, STM, S3M, MTM, XM, ULT, and IT. Multiple input validation flaws, resulting in buffer overflows, were discovered in MikMod. Specially-crafted music files in various formats could, when played, cause an application using the MikMod library to crash or, potentially, execute arbitrary code. (CVE-2009-3995, CVE-2009-3996, CVE-2007-6720) All MikMod users should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using the MikMod library must be restarted for this update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0720.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-6720 BugTraq ID: 33235 http://www.securityfocus.com/bid/33235 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01305.html https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01312.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461519 http://openwall.com/lists/oss-security/2009/01/13/2 http://secunia.com/advisories/34259 SuSE Security Announcement: SUSE-SR:2009:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html Common Vulnerability Exposure (CVE) ID: CVE-2009-3995 BugTraq ID: 37374 http://www.securityfocus.com/bid/37374 Bugtraq: 20091217 Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows (Google Search) http://www.securityfocus.com/archive/1/508527/100/0/threaded Bugtraq: 20091217 Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/508526/100/0/threaded http://www.mandriva.com/security/advisories?name=MDVSA-2010:151 http://secunia.com/secunia_research/2009-52/ http://secunia.com/secunia_research/2009-53/ http://secunia.com/secunia_research/2009-55/ http://secunia.com/advisories/37495 http://secunia.com/advisories/40799 SuSE Security Announcement: SUSE-SR:2010:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html http://www.vupen.com/english/advisories/2009/3575 http://www.vupen.com/english/advisories/2010/1107 http://www.vupen.com/english/advisories/2010/1957 Common Vulnerability Exposure (CVE) ID: CVE-2009-3996 Bugtraq: 20091217 Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/508528/100/0/threaded http://secunia.com/secunia_research/2009-56/
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.