Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201208-04 (gajim)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.71854

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201208-04 (gajim)

Resumen: The remote host is missing updates announced in;advisory GLSA 201208-04.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 201208-04.

Vulnerability Insight:
Multiple vulnerabilities have been found in Gajim, the worst of
which may allow execution of arbitrary code.

Solution:
All Gajim users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-im/gajim-0.15-r1'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-2085
48708
http://secunia.com/advisories/48708
48794
http://secunia.com/advisories/48794
52943
http://www.securityfocus.com/bid/52943
GLSA-201208-04
http://security.gentoo.org/glsa/glsa-201208-04.xml
[oss-security] 20120408 CVE request: gajim - code execution and sql injection
http://www.openwall.com/lists/oss-security/2012/04/08/1
[oss-security] 20120408 Re: CVE request: gajim - code execution and sql injection
http://www.openwall.com/lists/oss-security/2012/04/08/2
https://trac.gajim.org/changeset/bc296e96ac10
https://trac.gajim.org/ticket/7031
Common Vulnerability Exposure (CVE) ID: CVE-2012-2086
https://trac.gajim.org/changeset/988e38ce0e0c
https://trac.gajim.org/ticket/7034
Common Vulnerability Exposure (CVE) ID: CVE-2012-2093
48695
http://secunia.com/advisories/48695
53017
http://www.securityfocus.com/bid/53017
FEDORA-2012-6001
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079237.html
FEDORA-2012-6061
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079241.html
FEDORA-2012-6161
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079169.html
[oss-security] 20120410 RE: gajim insecure file creation when using latex
http://www.openwall.com/lists/oss-security/2012/04/10/15
[oss-security] 20120410 gajim insecure file creation when using latex
http://www.openwall.com/lists/oss-security/2012/04/10/6
gajim-gettmpfilename-symlink(74869)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74869
http://hg.gajim.org/gajim/rev/f046e4aaf7d4
https://trac.gajim.org/changeset/13759/src/common/latex.py

Copyright Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.71854
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201208-04 (gajim)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201208-04.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201208-04. Vulnerability Insight: Multiple vulnerabilities have been found in Gajim, the worst of which may allow execution of arbitrary code. Solution: All Gajim users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-im/gajim-0.15-r1' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2085 48708 http://secunia.com/advisories/48708 48794 http://secunia.com/advisories/48794 52943 http://www.securityfocus.com/bid/52943 GLSA-201208-04 http://security.gentoo.org/glsa/glsa-201208-04.xml [oss-security] 20120408 CVE request: gajim - code execution and sql injection http://www.openwall.com/lists/oss-security/2012/04/08/1 [oss-security] 20120408 Re: CVE request: gajim - code execution and sql injection http://www.openwall.com/lists/oss-security/2012/04/08/2 https://trac.gajim.org/changeset/bc296e96ac10 https://trac.gajim.org/ticket/7031 Common Vulnerability Exposure (CVE) ID: CVE-2012-2086 https://trac.gajim.org/changeset/988e38ce0e0c https://trac.gajim.org/ticket/7034 Common Vulnerability Exposure (CVE) ID: CVE-2012-2093 48695 http://secunia.com/advisories/48695 53017 http://www.securityfocus.com/bid/53017 FEDORA-2012-6001 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079237.html FEDORA-2012-6061 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079241.html FEDORA-2012-6161 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079169.html [oss-security] 20120410 RE: gajim insecure file creation when using latex http://www.openwall.com/lists/oss-security/2012/04/10/15 [oss-security] 20120410 gajim insecure file creation when using latex http://www.openwall.com/lists/oss-security/2012/04/10/6 gajim-gettmpfilename-symlink(74869) https://exchange.xforce.ibmcloud.com/vulnerabilities/74869 http://hg.gajim.org/gajim/rev/f046e4aaf7d4 https://trac.gajim.org/changeset/13759/src/common/latex.py
Copyright	Copyright (C) 2012 E-Soft Inc.