Test ID:	1.3.6.1.4.1.25623.1.0.59893
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2007:1059
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2007:1059. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE, such as Konqueror, parses a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7225, CVE-2006-7226, CVE-2006-7228, CVE-2006-7230) Users of PCRE are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Red Hat would like to thank Ludwig Nussel for reporting these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-1059.html http://www.redhat.com/security/updates/classification/#important Risk factor : High CVSS Score: 6.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-7225 26725 http://www.securityfocus.com/bid/26725 28041 http://secunia.com/advisories/28041 28658 http://secunia.com/advisories/28658 MDVSA-2008:030 http://www.mandriva.com/security/advisories?name=MDVSA-2008:030 RHSA-2007:1059 http://www.redhat.com/support/errata/RHSA-2007-1059.html RHSA-2007:1068 http://www.redhat.com/support/errata/RHSA-2007-1068.html SUSE-SA:2008:004 http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm http://www.pcre.org/changelog.txt https://bugzilla.redhat.com/show_bug.cgi?id=384761 oval:org.mitre.oval:def:10985 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10985 Common Vulnerability Exposure (CVE) ID: CVE-2006-7226 26727 http://www.securityfocus.com/bid/26727 https://bugzilla.redhat.com/show_bug.cgi?id=384781 oval:org.mitre.oval:def:11545 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11545 pcre-library-subpattern-dos(40020) https://exchange.xforce.ibmcloud.com/vulnerabilities/40020 Common Vulnerability Exposure (CVE) ID: CVE-2006-7228 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates http://www.securityfocus.com/archive/1/488457/100/0/threaded 20080416 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus http://www.securityfocus.com/archive/1/490917/100/0/threaded 26462 http://www.securityfocus.com/bid/26462 27582 http://secunia.com/advisories/27582 27741 http://secunia.com/advisories/27741 27773 http://secunia.com/advisories/27773 27776 http://secunia.com/advisories/27776 28027 http://secunia.com/advisories/28027 28050 http://secunia.com/advisories/28050 28406 http://secunia.com/advisories/28406 28414 http://secunia.com/advisories/28414 28714 http://secunia.com/advisories/28714 28720 http://secunia.com/advisories/28720 29032 http://secunia.com/advisories/29032 29085 http://secunia.com/advisories/29085 29785 http://secunia.com/advisories/29785 30106 http://secunia.com/advisories/30106 30155 http://secunia.com/advisories/30155 30219 http://secunia.com/advisories/30219 31124 http://secunia.com/advisories/31124 ADV-2008-0637 http://www.vupen.com/english/advisories/2008/0637 ADV-2008-1234 http://www.vupen.com/english/advisories/2008/1234/references DSA-1570 http://www.debian.org/security/2008/dsa-1570 GLSA-200711-30 http://security.gentoo.org/glsa/glsa-200711-30.xml GLSA-200801-02 http://security.gentoo.org/glsa/glsa-200801-02.xml GLSA-200801-18 http://security.gentoo.org/glsa/glsa-200801-18.xml GLSA-200801-19 http://security.gentoo.org/glsa/glsa-200801-19.xml GLSA-200802-10 http://security.gentoo.org/glsa/glsa-200802-10.xml GLSA-200805-11 http://security.gentoo.org/glsa/glsa-200805-11.xml MDVSA-2008:012 http://www.mandriva.com/security/advisories?name=MDVSA-2008:012 RHSA-2007:1063 http://www.redhat.com/support/errata/RHSA-2007-1063.html RHSA-2007:1065 http://www.redhat.com/support/errata/RHSA-2007-1065.html RHSA-2007:1076 http://www.redhat.com/support/errata/RHSA-2007-1076.html RHSA-2007:1077 http://www.redhat.com/support/errata/RHSA-2007-1077.html RHSA-2008:0546 http://www.redhat.com/support/errata/RHSA-2008-0546.html SUSE-SA:2007:062 http://www.novell.com/linux/security/advisories/2007_62_pcre.html [Security-announce] 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates http://lists.vmware.com/pipermail/security-announce/2008/000005.html [Security-announce] 20080415 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus http://lists.vmware.com/pipermail/security-announce/2008/000014.html http://bugs.gentoo.org/show_bug.cgi?id=198976 http://scary.beasts.org/security/CESA-2007-006.html https://bugzilla.redhat.com/show_bug.cgi?id=383371 oval:org.mitre.oval:def:10810 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10810 Common Vulnerability Exposure (CVE) ID: CVE-2006-7230 26550 http://www.securityfocus.com/bid/26550 https://bugzilla.redhat.com/show_bug.cgi?id=384801 oval:org.mitre.oval:def:10911 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10911
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.