Test ID:	1.3.6.1.4.1.25623.1.0.122476
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2009-1102)
Summary:	The remote host is missing an update for the 'cscope' package(s) announced via the ELSA-2009-1102 advisory.
Description:	Summary: The remote host is missing an update for the 'cscope' package(s) announced via the ELSA-2009-1102 advisory. Vulnerability Insight: [15.5-15.1.el5_3.1] - Release bump to create newer nvr despite dist tag change (fc6 -> el5) [15.5-15.el5_3.4] - Merge incdir-overflow and snprintf patches for better readability, snprintf is used now with PATHLEN limit without other adjustments, related strlen / %.*s / *_len are no longer needed and were dropped - Update tempsec patch, drop extraneous s(n)printf argument to suppress compiler warnings - Update fscanf-overflows patch to perform reffile argument length check earlier, now also includes strlen-adjust-fix patch [15.5-15.el5_3.3] - Correcting buffer overflow fix (bz 499200) [15.5-15.el5_3.2] - Fix some buffer overflows (bz 499200) Affected Software/OS: 'cscope' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-2541 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html BugTraq ID: 18050 http://www.securityfocus.com/bid/18050 BugTraq ID: 25159 http://www.securityfocus.com/bid/25159 Debian Security Information: DSA-1064 (Google Search) http://www.debian.org/security/2006/dsa-1064 http://www.gentoo.org/security/en/glsa/glsa-200606-10.xml http://sourceforge.net/tracker/index.php?func=detail&aid=1064875&group_id=4664&atid=104664 http://www.osvdb.org/11920 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10069 http://www.redhat.com/support/errata/RHSA-2009-1101.html http://www.redhat.com/support/errata/RHSA-2009-1102.html http://secunia.com/advisories/13237 http://secunia.com/advisories/20191 http://secunia.com/advisories/20564 http://secunia.com/advisories/26235 http://secunia.com/advisories/35462 http://www.vupen.com/english/advisories/2007/2732 Common Vulnerability Exposure (CVE) ID: CVE-2009-0148 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html BugTraq ID: 34805 http://www.securityfocus.com/bid/34805 Cert/CC Advisory: TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html Debian Security Information: DSA-1806 (Google Search) http://www.debian.org/security/2009/dsa-1806 http://security.gentoo.org/glsa/glsa-200905-02.xml http://sourceforge.net/mailarchive/forum.php?thread_name=E1LsGx3-00015K-TN%40ddv4jf1.ch3.sourceforge.com&forum_name=cscope-cvs http://www.openwall.com/lists/oss-security/2009/05/06/9 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9633 http://www.securitytracker.com/id?1022218 http://secunia.com/advisories/34978 http://secunia.com/advisories/35074 http://secunia.com/advisories/35213 http://secunia.com/advisories/35214 http://www.vupen.com/english/advisories/2009/1238 http://www.vupen.com/english/advisories/2009/1297
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.