Test ID:	1.3.6.1.4.1.25623.1.0.59065
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-379-1 (texinfo)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to texinfo announced via advisory USN-379-1. A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Details follow: Miloslav Trmac discovered a buffer overflow in texinfo's index processor. If a user is tricked into processing a .texi file with texindex, this could lead to arbitrary code execution with user privileges. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: texinfo 4.7-2.2ubuntu2.2 Ubuntu 6.06 LTS: texinfo 4.8-4ubuntu0.1 Ubuntu 6.10: texinfo 4.8.dfsg.1-1ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-379-1 Risk factor : Medium CVSS Score: 4.6
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4810 2006-0063 http://www.trustix.org/errata/2006/0063/ 20061101-01-P ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P 20061127 rPSA-2006-0219-1 info install-info texinfo http://www.securityfocus.com/archive/1/452723/100/0/threaded 20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates http://www.securityfocus.com/archive/1/464745/100/0/threaded 20959 http://www.securityfocus.com/bid/20959 22725 http://secunia.com/advisories/22725 22777 http://secunia.com/advisories/22777 22798 http://secunia.com/advisories/22798 22898 http://secunia.com/advisories/22898 22929 http://secunia.com/advisories/22929 22995 http://secunia.com/advisories/22995 23015 http://secunia.com/advisories/23015 23112 http://secunia.com/advisories/23112 23335 http://secunia.com/advisories/23335 24788 http://secunia.com/advisories/24788 ADV-2006-4412 http://www.vupen.com/english/advisories/2006/4412 ADV-2007-1267 http://www.vupen.com/english/advisories/2007/1267 DSA-1219 http://www.debian.org/security/2006/dsa-1219 GLSA-200611-16 http://security.gentoo.org/glsa/glsa-200611-16.xml MDKSA-2006:203 http://www.mandriva.com/security/advisories?name=MDKSA-2006:203 OpenPKG-SA-2006.034 http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.034-texinfo.html RHSA-2006:0727 http://www.redhat.com/support/errata/RHSA-2006-0727.html SUSE-SR:2006:028 http://www.novell.com/linux/security/advisories/2006_28_sr.html USN-379-1 http://www.ubuntu.com/usn/usn-379-1 http://cvs.savannah.gnu.org/viewcvs/texinfo/texinfo/util/texindex.c?r1=1.16&r2=1.17 http://www.vmware.com/support/vi3/doc/esx-1121906-patch.html http://www.vmware.com/support/vi3/doc/esx-2559638-patch.html https://issues.rpath.com/browse/RPL-810 oval:org.mitre.oval:def:10893 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10893 texinfo-texindex-bo(30158) https://exchange.xforce.ibmcloud.com/vulnerabilities/30158
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.