 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.59853 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Core 7 FEDORA-2007-3011 (tomboy) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to tomboy announced via advisory FEDORA-2007-3011. Tomboy is a desktop note-taking application for Linux and Unix. Simple and easy to use, but with potential to help you organize the ideas and information you deal with every day. The key to Tomboy's usefulness lies in the ability to relate notes and ideas together. Using a WikiWiki-like linking system, organizing ideas is as simple as typing a name. Branching an idea off is easy as pressing the Link button. And links between your ideas won't break, even when renaming and reorganizing them. Update Information: This update resolves a low severity security issue where LD_LIBRARY_PATH could potentially get set to the current directory if it wasn't set before Tomboy was launched. ChangeLog: * Tue Nov 6 2007 Ray Strode - 0.6.1-2 - Fix bug 252294, CVE-2005-4790 References: [ 1 ] Bug #362941 - CVE-2005-4790 tomboy includes CWD in LD_LIBRARY_PATH [F7] https://bugzilla.redhat.com/show_bug.cgi?id=362941 [ 2 ] CVE-2005-4790 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4790 Updated packages: 721ad30740b7669657baa94234f887bc41414b73 tomboy-0.6.1-2.fc7.i386.rpm 0216e31427454b2e07d1ec81ef55b148a899eb7e tomboy-debuginfo-0.6.1-2.fc7.i386.rpm 6732454fba9836cab0b44fb82b1ee4aa8e414916 tomboy-0.6.1-2.fc7.x86_64.rpm 4f0b7427798adb47a54a34f4b9e96a3ef3ca575e tomboy-debuginfo-0.6.1-2.fc7.x86_64.rpm 3b6fe061bf9542ae991df8eb1b92f416f2a05962 tomboy-debuginfo-0.6.1-2.fc7.ppc.rpm 499d72c90787d6583da815c1c00a7da72b94f005 tomboy-0.6.1-2.fc7.ppc.rpm 440e92c0bccceda2e77fdcd8cc90a0a1228ca2c7 tomboy-0.6.1-2.fc7.src.rpm This update can be installed with the yum update program. Use su -c 'yum update tomboy' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. Solution: Apply the appropriate updates. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-3011 Risk factor : High CVSS Score: 6.9 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2005-4790 BugTraq ID: 25341 http://www.securityfocus.com/bid/25341 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00206.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00913.html http://security.gentoo.org/glsa/glsa-200711-12.xml http://security.gentoo.org/glsa/glsa-200801-14.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:064 http://bugs.gentoo.org/show_bug.cgi?id=188806 http://osvdb.org/39577 http://osvdb.org/39578 http://secunia.com/advisories/26480 http://secunia.com/advisories/27608 http://secunia.com/advisories/27621 http://secunia.com/advisories/27799 http://secunia.com/advisories/28339 http://secunia.com/advisories/28672 SuSE Security Announcement: SUSE-SR:2005:022 (Google Search) http://www.novell.com/linux/security/advisories/2005_22_sr.html https://usn.ubuntu.com/560-1/ XForce ISS Database: tomboy-ldlibrarypath-privilege-escalation(36054) https://exchange.xforce.ibmcloud.com/vulnerabilities/36054 |
| Copyright | Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |