ID de Prueba:	1.3.6.1.4.1.25623.1.0.870725
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for libtasn1 RHSA-2012:0427-01
Resumen:	The remote host is missing an update for the 'libtasn1'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'libtasn1' package(s) announced via the referenced advisory. Vulnerability Insight: libtasn1 is a library developed for ASN.1 (Abstract Syntax Notation One) structures management that includes DER (Distinguished Encoding Rules) encoding and decoding. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input (such as an X.509 certificate) that, when parsed by an application that uses libtasn1 (such as applications using GnuTLS), could cause the application to crash. (CVE-2012-1569) Red Hat would like to thank Matthew Hall of Mu Dynamics for reporting this issue. Users of libtasn1 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all applications linked to the libtasn1 library must be restarted, or the system rebooted. Affected Software/OS: libtasn1 on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6) Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1569 Bugtraq: 20120320 Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 (Google Search) http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html Debian Security Information: DSA-2440 (Google Search) http://www.debian.org/security/2012/dsa-2440 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076856.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/076865.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077339.html http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076699.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078207.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077284.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:039 http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/ http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5932 http://article.gmane.org/gmane.comp.gnu.libtasn1.general/53 http://article.gmane.org/gmane.comp.gnu.libtasn1.general/54 http://www.openwall.com/lists/oss-security/2012/03/20/3 http://www.openwall.com/lists/oss-security/2012/03/20/8 http://www.openwall.com/lists/oss-security/2012/03/21/5 RedHat Security Advisories: RHSA-2012:0427 http://rhn.redhat.com/errata/RHSA-2012-0427.html RedHat Security Advisories: RHSA-2012:0488 http://rhn.redhat.com/errata/RHSA-2012-0488.html RedHat Security Advisories: RHSA-2012:0531 http://rhn.redhat.com/errata/RHSA-2012-0531.html http://www.securitytracker.com/id?1026829 http://secunia.com/advisories/48397 http://secunia.com/advisories/48488 http://secunia.com/advisories/48505 http://secunia.com/advisories/48578 http://secunia.com/advisories/48596 http://secunia.com/advisories/49002 http://secunia.com/advisories/50739 http://secunia.com/advisories/57260 SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html http://www.ubuntu.com/usn/USN-1436-1
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.