ID de Prueba:	1.3.6.1.4.1.25623.1.0.70606
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: libxml
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: libxml CVE-2009-2416 Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2416 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components http://www.securityfocus.com/archive/1/507985/100/0/threaded 35036 http://secunia.com/advisories/35036 36010 http://www.securityfocus.com/bid/36010 36207 http://secunia.com/advisories/36207 36338 http://secunia.com/advisories/36338 36417 http://secunia.com/advisories/36417 36631 http://secunia.com/advisories/36631 37346 http://secunia.com/advisories/37346 37471 http://secunia.com/advisories/37471 ADV-2009-2420 http://www.vupen.com/english/advisories/2009/2420 ADV-2009-3184 http://www.vupen.com/english/advisories/2009/3184 ADV-2009-3217 http://www.vupen.com/english/advisories/2009/3217 ADV-2009-3316 http://www.vupen.com/english/advisories/2009/3316 APPLE-SA-2009-11-09-1 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html APPLE-SA-2009-11-11-1 http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html APPLE-SA-2010-06-21-1 http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html DSA-1859 http://www.debian.org/security/2009/dsa-1859 FEDORA-2009-8491 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html FEDORA-2009-8498 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html FEDORA-2009-8580 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html SUSE-SR:2009:015 http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html USN-815-1 http://www.ubuntu.com/usn/USN-815-1 [debian-bugs-dist] 20090810 Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursion http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html http://support.apple.com/kb/HT3937 http://support.apple.com/kb/HT3949 http://support.apple.com/kb/HT4225 http://www.cert.fi/en/reports/2009/vulnerability2009085.html http://www.codenomicon.com/labs/xml/ http://www.networkworld.com/columnists/2009/080509-xml-flaw.html http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html http://www.vmware.com/security/advisories/VMSA-2009-0016.html https://bugzilla.redhat.com/show_bug.cgi?id=515205 https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59 oval:org.mitre.oval:def:7783 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783 oval:org.mitre.oval:def:9262 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262
Copyright	Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.