Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2010:256 (git)

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.68584

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2010:256 (git)

Resumen: Mandriva Security Advisory MDVSA-2010:256 (git)

Descripción: The remote host is missing an update to git
announced via advisory MDVSA-2010:256.

A vulnerability was discovered and corrected in git (gitweb):

A cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and
previous versions allows remote attackers to inject arbitrary web
script or HTML code via f and fp variables (CVE-2010-3906).

The updated packages have been patched to correct this issue.

Affected: 2010.0, 2010.1

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:256

Risk factor : Medium

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3906
http://www.exploit-db.com/exploits/15744
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052782.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052518.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:256
http://www.redhat.com/support/errata/RHSA-2010-1003.html
SuSE Security Announcement: SUSE-SR:2011:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html
BugTraq ID: 45439
http://www.securityfocus.com/bid/45439
http://www.securitytracker.com/id?1024905
http://secunia.com/advisories/42645
http://secunia.com/advisories/42731
http://secunia.com/advisories/42743
http://secunia.com/advisories/43457
http://www.vupen.com/english/advisories/2010/3323
http://www.vupen.com/english/advisories/2011/0010
http://www.vupen.com/english/advisories/2011/0464

Copyright Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.68584
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:256 (git)
Resumen:	Mandriva Security Advisory MDVSA-2010:256 (git)
Descripción:	The remote host is missing an update to git announced via advisory MDVSA-2010:256. A vulnerability was discovered and corrected in git (gitweb): A cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and previous versions allows remote attackers to inject arbitrary web script or HTML code via f and fp variables (CVE-2010-3906). The updated packages have been patched to correct this issue. Affected: 2010.0, 2010.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:256 Risk factor : Medium
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3906 http://www.exploit-db.com/exploits/15744 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052782.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052518.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:256 http://www.redhat.com/support/errata/RHSA-2010-1003.html SuSE Security Announcement: SUSE-SR:2011:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html BugTraq ID: 45439 http://www.securityfocus.com/bid/45439 http://www.securitytracker.com/id?1024905 http://secunia.com/advisories/42645 http://secunia.com/advisories/42731 http://secunia.com/advisories/42743 http://secunia.com/advisories/43457 http://www.vupen.com/english/advisories/2010/3323 http://www.vupen.com/english/advisories/2011/0010 http://www.vupen.com/english/advisories/2011/0464
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com