| |||||||||||||
| Test ID: | 1.3.6.1.4.1.25623.1.0.65749 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu USN-842-1 (wget) |
| Summary: | Ubuntu USN-842-1 (wget) |
| Description: | The remote host is missing an update to wget announced via advisory USN-842-1. Details follow: It was discovered that Wget did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: libglib2.0-0 2.16.6-0ubuntu1.2 Ubuntu 8.10: libglib2.0-0 2.18.2-0ubuntu2.2 Ubuntu 9.04: libglib2.0-0 2.20.1-0ubuntu2.1 After a standard system upgrade you need to restart your session to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-842-1 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-3490 http://addictivecode.org/pipermail/wget-notify/2009-August/001808.html http://permalink.gmane.org/gmane.comp.web.wget.general/8972 http://marc.info/?l=oss-security&m=125198917018936&w=2 http://marc.info/?l=oss-security&m=125369675820512&w=2 BugTraq ID: 36205 http://www.securityfocus.com/bid/36205 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11099 http://secunia.com/advisories/36540 http://www.vupen.com/english/advisories/2009/2498 |
| Copyright | Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com |
| This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |
|
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois
© 1998-2013 E-Soft Inc. All rights reserved.