Test ID: 1.3.6.1.4.1.25623.1.0.51447
Category: Conectiva Local Security Checks
Title: Conectiva Security Advisory CLA-2003:711
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory CLA-2003:711.

mnoGoSearch[1] is a full-featured web search engine software for
intranet and internet servers.

This update addresses two vulnerabilities in mnoGoSearch which affect
Conectiva Linux 9:

1. Buffer overflow in the ul variable (CVE-2003-0436)
pokleyzz reported[2] a buffer overflow
vulnerability in mnoGoSearch which can be exploited remotely to
execute arbitrary commands with the privileges of the webserver.

2. Buffer overflow in the query variable (q) (CVE-2002-0789)
qitest1 reported a buffer overflow
vulnerability[3] in the query variable (q) which can be exploited
remotely to execute arbitrary commands with the privileges of the
webserver.

The packages available through this update contain the new version
released by the authors that fixes these issues.

Additionally, some other bugfixes and enhancements have been
included:

- the files are now placed in the webserver directory (/srv/www) and
not in /var/www

- the CGI executable search.cgi is now installed in
/srv/www/default/cgi-bin

- access to the search.cgi CGI executable is restricted by default
to localhost (or 127.0.0.1). To change these permissions, please edit
/etc/apache/conf/conf.d/mnogosearch.conf and restart Apache. This was
done to avoid a possible unnecessary exposure of this service in
case the package was installed but not configured.

- configuration files in the /etc/mnogosearch directory now have
stricter access permissions in order to avoid exposure of their
database access passwords

- two new subpackages have been created: mnogosearch-devel and
mnogosearch-devel-static, used only for development purposes.


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'.

http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:711
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003

Risk factor: High

CVSS Score: 7.5

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2003-0436
BugTraq ID: 7865
http://www.securityfocus.com/bid/7865
http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005543.html
Common Vulnerability Exposure (CVE) ID: CVE-2002-0789
BugTraq ID: 4724
http://www.securityfocus.com/bid/4724
Bugtraq: 20020511 Bug in mnogosearch-3.1.19 (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2002-05/0092.html
http://www.mnogosearch.org/history.html#log31
http://www.iss.net/security_center/static/9060.php
Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com
