ID de Prueba:	1.3.6.1.4.1.25623.1.0.831596
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for libtasn1 MDVSA-2012:039 (libtasn1)
Resumen:	The remote host is missing an update for the 'libtasn1'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'libtasn1' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been found and corrected in libtasn1: The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure (CVE-2012-1569). The updated packages have been patched to correct this issue. Affected Software/OS: libtasn1 on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2, Mandriva Linux 2010.1 Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1569 Bugtraq: 20120320 Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 (Google Search) http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html Debian Security Information: DSA-2440 (Google Search) http://www.debian.org/security/2012/dsa-2440 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076856.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076865.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077339.html http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076699.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078207.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077284.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:039 http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/ http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5932 http://article.gmane.org/gmane.comp.gnu.libtasn1.general/53 http://article.gmane.org/gmane.comp.gnu.libtasn1.general/54 http://www.openwall.com/lists/oss-security/2012/03/20/3 http://www.openwall.com/lists/oss-security/2012/03/20/8 http://www.openwall.com/lists/oss-security/2012/03/21/5 RedHat Security Advisories: RHSA-2012:0427 http://rhn.redhat.com/errata/RHSA-2012-0427.html RedHat Security Advisories: RHSA-2012:0488 http://rhn.redhat.com/errata/RHSA-2012-0488.html RedHat Security Advisories: RHSA-2012:0531 http://rhn.redhat.com/errata/RHSA-2012-0531.html http://www.securitytracker.com/id?1026829 http://secunia.com/advisories/48397 http://secunia.com/advisories/48488 http://secunia.com/advisories/48505 http://secunia.com/advisories/48578 http://secunia.com/advisories/48596 http://secunia.com/advisories/49002 http://secunia.com/advisories/50739 http://secunia.com/advisories/57260 SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html http://www.ubuntu.com/usn/USN-1436-1
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.