Test ID:	1.3.6.1.4.1.25623.1.0.61244
Category:	Fedora Local Security Checks
Title:	Fedora Core 8 FEDORA-2008-6127 (devhelp)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to devhelp announced via advisory FEDORA-2008-6127. ChangeLog: * Wed Jul 2 2008 Christopher Aillon - 0.16.1-8 - Rebuild against newer gecko References: [ 1 ] Bug #452602 - CVE-2008-2803 Firefox javascript arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=452602 [ 2 ] Bug #452599 - CVE-2008-2800 Firefox XSS attacks https://bugzilla.redhat.com/show_bug.cgi?id=452599 [ 3 ] Bug #452600 - CVE-2008-2802 Firefox arbitrary JavaScript code execution https://bugzilla.redhat.com/show_bug.cgi?id=452600 [ 4 ] Bug #452605 - CVE-2008-2801 Firefox arbitrary signed JAR code execution https://bugzilla.redhat.com/show_bug.cgi?id=452605 [ 5 ] Bug #452604 - CVE-2008-2805 Firefox arbitrary file disclosure https://bugzilla.redhat.com/show_bug.cgi?id=452604 [ 6 ] Bug #452597 - CVE-2008-2798 Firefox malformed web content flaws https://bugzilla.redhat.com/show_bug.cgi?id=452597 [ 7 ] Bug #452598 - CVE-2008-2799 Firefox javascript arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=452598 [ 8 ] Bug #452710 - CVE-2008-2808 Firefox file location escaping flaw https://bugzilla.redhat.com/show_bug.cgi?id=452710 [ 9 ] Bug #452709 - CVE-2008-2807 Firefox .properties memory leak https://bugzilla.redhat.com/show_bug.cgi?id=452709 [ 10 ] Bug #453007 - CVE-2008-2811 Firefox block reflow flaw https://bugzilla.redhat.com/show_bug.cgi?id=453007 [ 11 ] Bug #452712 - CVE-2008-2810 Firefox arbitrary file disclosure https://bugzilla.redhat.com/show_bug.cgi?id=452712 [ 12 ] Bug #452711 - CVE-2008-2809 Firefox self signed certificate flaw https://bugzilla.redhat.com/show_bug.cgi?id=452711 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update devhelp' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2008-6127 Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2801 BugTraq ID: 30038 http://www.securityfocus.com/bid/30038 Bugtraq: 20080708 rPSA-2008-0216-1 firefox (Google Search) http://www.securityfocus.com/archive/1/494080/100/0/threaded Debian Security Information: DSA-1607 (Google Search) http://www.debian.org/security/2008/dsa-1607 Debian Security Information: DSA-1615 (Google Search) http://www.debian.org/security/2008/dsa-1615 Debian Security Information: DSA-1697 (Google Search) http://www.debian.org/security/2009/dsa-1697 https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html http://security.gentoo.org/glsa/glsa-200808-03.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:136 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11810 http://www.redhat.com/support/errata/RHSA-2008-0547.html http://www.redhat.com/support/errata/RHSA-2008-0549.html http://www.redhat.com/support/errata/RHSA-2008-0569.html RedHat Security Advisories: RHSA-2008:0616 http://rhn.redhat.com/errata/RHSA-2008-0616.html http://www.securitytracker.com/id?1020419 http://secunia.com/advisories/30878 http://secunia.com/advisories/30898 http://secunia.com/advisories/30903 http://secunia.com/advisories/30911 http://secunia.com/advisories/30949 http://secunia.com/advisories/31005 http://secunia.com/advisories/31008 http://secunia.com/advisories/31021 http://secunia.com/advisories/31023 http://secunia.com/advisories/31069 http://secunia.com/advisories/31076 http://secunia.com/advisories/31183 http://secunia.com/advisories/31195 http://secunia.com/advisories/31377 http://secunia.com/advisories/33433 http://secunia.com/advisories/34501 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 SuSE Security Announcement: SUSE-SA:2008:034 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html http://www.ubuntu.com/usn/usn-619-1 http://www.vupen.com/english/advisories/2008/1993/references http://www.vupen.com/english/advisories/2009/0977 Common Vulnerability Exposure (CVE) ID: CVE-2008-2802 Debian Security Information: DSA-1621 (Google Search) http://www.debian.org/security/2008/dsa-1621 https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:155 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11121 http://secunia.com/advisories/30915 http://secunia.com/advisories/31220 http://secunia.com/advisories/31253 http://secunia.com/advisories/31286 http://secunia.com/advisories/31403 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484 http://www.ubuntu.com/usn/usn-629-1 Common Vulnerability Exposure (CVE) ID: CVE-2008-2803 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10747 Common Vulnerability Exposure (CVE) ID: CVE-2008-2798 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10087 Common Vulnerability Exposure (CVE) ID: CVE-2008-2799 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10743 Common Vulnerability Exposure (CVE) ID: CVE-2008-2811 CERT/CC vulnerability note: VU#607267 http://www.kb.cert.org/vuls/id/607267 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9865 Common Vulnerability Exposure (CVE) ID: CVE-2008-2800 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9386 Common Vulnerability Exposure (CVE) ID: CVE-2008-2805 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10143 Common Vulnerability Exposure (CVE) ID: CVE-2008-2810 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9593 Common Vulnerability Exposure (CVE) ID: CVE-2008-2807 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9432 XForce ISS Database: firefox-propertiesfile-info-disclosure(50656) https://exchange.xforce.ibmcloud.com/vulnerabilities/50656 Common Vulnerability Exposure (CVE) ID: CVE-2008-2808 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9668 Common Vulnerability Exposure (CVE) ID: CVE-2008-2809 Bugtraq: 20071118 Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (Google Search) http://www.securityfocus.com/archive/1/483929/100/100/threaded Bugtraq: 20071118 RE: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (Google Search) http://www.securityfocus.com/archive/1/483960/100/100/threaded Bugtraq: 20071118 Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (Google Search) http://www.securityfocus.com/archive/1/483937/100/100/threaded http://nils.toedtmann.net/pub/subjectAltName.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10205 http://securitytracker.com/id?1018979 http://securityreason.com/securityalert/3498 XForce ISS Database: mozilla-altnames-spoofing(43524) https://exchange.xforce.ibmcloud.com/vulnerabilities/43524
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.