ID de Prueba:	1.3.6.1.4.1.25623.1.0.831654
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for libzip MDVSA-2012:034 (libzip)
Resumen:	The remote host is missing an update for the 'libzip'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'libzip' package(s) announced via the referenced advisory. Vulnerability Insight: Multiple vulnerabilities has been found and corrected in libzip: libzip (version <= 0.10) uses an incorrect loop construct, which can result in a heap overflow on corrupted zip files (CVE-2012-1162). libzip (version <= 0.10) has a numeric overflow condition, which, for example, results in improper restrictions of operations within the bounds of a memory buffer (e.g., allowing information leaks) (CVE-2012-1163). The updated packages have been upgraded to the 0.10.1 version to correct these issues. Affected Software/OS: libzip on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2, Mandriva Linux 2010.1 Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1162 http://www.gentoo.org/security/en/glsa/glsa-201203-23.xml http://www.mandriva.com/security/advisories?name=MDVSA-2012:034 http://nih.at/listarchive/libzip-discuss/msg00252.html http://www.openwall.com/lists/oss-security/2012/03/21/2 http://www.openwall.com/lists/oss-security/2012/03/29/11 Common Vulnerability Exposure (CVE) ID: CVE-2012-1163
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.