Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.60261
Kategorie:Mandrake Local Security Checks
Titel:Mandrake Security Advisory MDVSA-2008:029 (ruby)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to ruby
announced via advisory MDVSA-2008:029.

Ruby network libraries Net::HTTP, Net::IMAP, Net::FTPTLS, Net::Telnet,
Net::POP3, and Net::SMTP, up to Ruby version 1.8.6 are affected by a
possible man-in-the-middle attack, when using SSL, due to a missing
check of the CN (common name) attribute in SSL certificates against
the server's hostname.

The updated packages have been patched to prevent the issue.

Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:029

Risk factor : High

CVSS Score:
6.9

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2008-5162
BugTraq ID: 32447
http://www.securityfocus.com/bid/32447
FreeBSD Security Advisory: FreeBSD-SA-08:11
http://security.freebsd.org/advisories/FreeBSD-SA-08:11.arc4random.asc
http://osvdb.org/50137
http://securitytracker.com/id?1021276
http://secunia.com/advisories/32871
Common Vulnerability Exposure (CVE) ID: CVE-2007-5770
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
BugTraq ID: 26421
http://www.securityfocus.com/bid/26421
Cert/CC Advisory: TA07-352A
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
Debian Security Information: DSA-1410 (Google Search)
http://www.debian.org/security/2007/dsa-1410
Debian Security Information: DSA-1411 (Google Search)
http://www.debian.org/security/2007/dsa-1411
Debian Security Information: DSA-1412 (Google Search)
http://www.debian.org/security/2007/dsa-1412
http://www.mandriva.com/security/advisories?name=MDVSA-2008:029
https://bugzilla.redhat.com/show_bug.cgi?id=362081
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11025
http://www.redhat.com/support/errata/RHSA-2007-0961.html
http://www.redhat.com/support/errata/RHSA-2007-0965.html
http://www.securitytracker.com/id?1018938
http://secunia.com/advisories/26985
http://secunia.com/advisories/27576
http://secunia.com/advisories/27673
http://secunia.com/advisories/27756
http://secunia.com/advisories/27764
http://secunia.com/advisories/27769
http://secunia.com/advisories/27818
http://secunia.com/advisories/28136
http://secunia.com/advisories/28645
http://secunia.com/advisories/29556
SuSE Security Announcement: SUSE-SR:2007:024 (Google Search)
http://www.novell.com/linux/security/advisories/2007_24_sr.html
http://www.ubuntu.com/usn/usn-596-1
http://www.vupen.com/english/advisories/2007/4238
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.