Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.50829 |
Kategorie: | Mandrake Local Security Checks |
Titel: | Mandrake Security Advisory MDKSA-2002:051 (xchat) |
Zusammenfassung: | NOSUMMARY |
Beschreibung: | Description: The remote host is missing an update to xchat announced via advisory MDKSA-2002:051. In versions of the xchat IRC client prior to version 1.8.9, xchat does not filter the response from an IRC server when a /dns query is executed. xchat resolves hostnames by passing the configured resolver and hostname to a shell, so an IRC server may return a malicious response formatted so that arbitrary commands are executed with the privilege of the user running xchat. Affected versions: 7.1, 7.2, 8.0, 8.1, 8.2, Corporate Server 1.0.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2002:051 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0382 http://online.securityfocus.com/bid/4376/info/ Risk factor : High CVSS Score: 7.5 |
Querverweis: |
BugTraq ID: 4376 Common Vulnerability Exposure (CVE) ID: CVE-2002-0382 http://www.securityfocus.com/bid/4376 Bugtraq: 20020327 Xchat /dns command execution vulnerability (Google Search) http://marc.info/?l=bugtraq&m=101725430425490&w=2 Conectiva Linux advisory: CLA-2002:526 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000526 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-051.php http://www.redhat.com/support/errata/RHSA-2002-097.html http://www.redhat.com/support/errata/RHSA-2002-124.html http://www.iss.net/security_center/static/8704.php |
Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |