ID de Prueba:	1.3.6.1.4.1.25623.1.0.69583
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2011-097-01)
Resumen:	The remote host is missing an update for the 'dhcp' package(s) announced via the SSA:2011-097-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'dhcp' package(s) announced via the SSA:2011-097-01 advisory. Vulnerability Insight: New dhcp packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packages/dhcp-4.1_ESV_R2-i486-1_slack13.1.txz: Upgraded. In dhclient, check the data for some string options for reasonableness before passing it along to the script that interfaces with the OS. This prevents some possible attacks by a hostile DHCP server. For more information, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'dhcp' package(s) on Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware 13.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0997 BugTraq ID: 47176 http://www.securityfocus.com/bid/47176 CERT/CC vulnerability note: VU#107886 http://www.kb.cert.org/vuls/id/107886 Debian Security Information: DSA-2216 (Google Search) http://www.debian.org/security/2011/dsa-2216 Debian Security Information: DSA-2217 (Google Search) http://www.debian.org/security/2011/dsa-2217 https://www.exploit-db.com/exploits/37623/ http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057888.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058279.html http://security.gentoo.org/glsa/glsa-201301-06.xml HPdes Security Advisory: HPSBMU02752 http://marc.info/?l=bugtraq&m=133226187115472&w=2 HPdes Security Advisory: SSRT100802 http://www.mandriva.com/security/advisories?name=MDVSA-2011:073 http://www.osvdb.org/71493 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12812 http://www.redhat.com/support/errata/RHSA-2011-0428.html http://www.redhat.com/support/errata/RHSA-2011-0840.html http://securitytracker.com/id?1025300 http://secunia.com/advisories/44037 http://secunia.com/advisories/44048 http://secunia.com/advisories/44089 http://secunia.com/advisories/44090 http://secunia.com/advisories/44103 http://secunia.com/advisories/44127 http://secunia.com/advisories/44180 http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593345 http://www.ubuntu.com/usn/USN-1108-1 http://www.vupen.com/english/advisories/2011/0879 http://www.vupen.com/english/advisories/2011/0886 http://www.vupen.com/english/advisories/2011/0909 http://www.vupen.com/english/advisories/2011/0915 http://www.vupen.com/english/advisories/2011/0926 http://www.vupen.com/english/advisories/2011/0965 http://www.vupen.com/english/advisories/2011/1000 XForce ISS Database: iscdhcp-dhclient-command-execution(66580) https://exchange.xforce.ibmcloud.com/vulnerabilities/66580
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.