 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.880817 |
| Kategorie: | CentOS Local Security Checks |
| Titel: | CentOS Update for newt CESA-2009:1463 centos5 i386 |
| Zusammenfassung: | The remote host is missing an update for the 'newt'; package(s) announced via the referenced advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'newt' package(s) announced via the referenced advisory. Vulnerability Insight: Newt is a programming library for color text mode, widget-based user interfaces. Newt can be used to add stacked windows, entry widgets, checkboxes, radio buttons, labels, plain text fields, scrollbars, and so on, to text mode user interfaces. A heap-based buffer overflow flaw was found in the way newt processes content that is to be displayed in a text dialog box. A local attacker could issue a specially-crafted text dialog box display request (direct or via a custom application), leading to a denial of service (application crash) or, potentially, arbitrary code execution with the privileges of the user running the application using the newt library. (CVE-2009-2905) Users of newt should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, all applications using the newt library must be restarted for the update to take effect. Affected Software/OS: newt on CentOS 5 Solution: Please install the updated packages. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-2905 36515 http://www.securityfocus.com/bid/36515 37922 http://secunia.com/advisories/37922 38794 http://secunia.com/advisories/38794 38833 http://secunia.com/advisories/38833 ADV-2010-0528 http://www.vupen.com/english/advisories/2010/0528 DSA-1894 http://www.debian.org/security/2009/dsa-1894 RHSA-2009:1463 https://rhn.redhat.com/errata/RHSA-2009-1463.html SUSE-SR:2009:017 http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html USN-837-1 http://www.ubuntu.com/usn/USN-837-1 [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates http://lists.vmware.com/pipermail/security-announce/2010/000082.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://security.debian.org/pool/updates/main/n/newt/newt_0.52.2-10+etch1.diff.gz http://support.avaya.com/css/P8/documents/100067251 https://bugzilla.redhat.com/show_bug.cgi?id=523955 oval:org.mitre.oval:def:8556 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8556 oval:org.mitre.oval:def:9664 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9664 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |