Test Kennung:	1.3.6.1.4.1.25623.1.0.880626
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for bzip2 CESA-2010:0703 centos5 i386
Zusammenfassung:	The remote host is missing an update for the 'bzip2'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'bzip2' package(s) announced via the referenced advisory. Vulnerability Insight: bzip2 is a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs. An integer overflow flaw was discovered in the bzip2 decompression routine. This issue could, when decompressing malformed archives, cause bzip2, or an application linked against the libbz2 library, to crash or, potentially, execute arbitrary code. (CVE-2010-0405) Users of bzip2 should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running applications using the libbz2 library must be restarted for the update to take effect. Affected Software/OS: bzip2 on CentOS 5 Solution: Please install the updated packages. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0405 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html Bugtraq: 20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console (Google Search) http://www.securityfocus.com/archive/1/515055/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051366.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051278.html http://security.gentoo.org/glsa/glsa-201301-05.xml http://marc.info/?l=oss-security&m=128506868510655&w=2 http://www.redhat.com/support/errata/RHSA-2010-0703.html http://www.redhat.com/support/errata/RHSA-2010-0858.html http://secunia.com/advisories/41452 http://secunia.com/advisories/41505 http://secunia.com/advisories/42350 http://secunia.com/advisories/42404 http://secunia.com/advisories/42405 http://secunia.com/advisories/42529 http://secunia.com/advisories/42530 http://secunia.com/advisories/48378 SuSE Security Announcement: SUSE-SR:2010:018 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://www.ubuntu.com/usn/usn-986-1 http://www.ubuntu.com/usn/USN-986-2 http://www.ubuntu.com/usn/USN-986-3 http://www.vupen.com/english/advisories/2010/2455 http://www.vupen.com/english/advisories/2010/3043 http://www.vupen.com/english/advisories/2010/3052 http://www.vupen.com/english/advisories/2010/3073 http://www.vupen.com/english/advisories/2010/3126 http://www.vupen.com/english/advisories/2010/3127
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.