Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2011-0465)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122188

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2011-0465)

Resumen: The remote host is missing an update for the 'kdenetwork' package(s) announced via the ELSA-2011-0465 advisory.

Descripción: Summary:
The remote host is missing an update for the 'kdenetwork' package(s) announced via the ELSA-2011-0465 advisory.

Vulnerability Insight:
[7:4.3.4-11.1]
- CVE-2010-1000, improper sanitization of metalink attribute for downloading files

Affected Software/OS:
'kdenetwork' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-1586
44124
http://secunia.com/advisories/44124
44329
http://secunia.com/advisories/44329
ADV-2011-1019
http://www.vupen.com/english/advisories/2011/1019
ADV-2011-1021
http://www.vupen.com/english/advisories/2011/1021
ADV-2011-1135
http://www.vupen.com/english/advisories/2011/1135
MDVSA-2011:081
http://www.mandriva.com/security/advisories?name=MDVSA-2011:081
RHSA-2011:0465
http://www.redhat.com/support/errata/RHSA-2011-0465.html
USN-1114-1
http://www.ubuntu.com/usn/usn-1114-1/
[oss-security] 20110415 Re: CVE Request: incomplete fix for CVE-2010-1000 in KDE network
http://openwall.com/lists/oss-security/2011/04/15/9
http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468&r2=1227467&pathrev=1227468
http://websvn.kde.org/branches/KDE/4.5/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227469&r2=1227468&pathrev=1227469
http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471&r2=1227470&pathrev=1227471
https://bugzilla.redhat.com/show_bug.cgi?id=697042
https://launchpad.net/bugs/757526
kget-name-directory-traversal(66826)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66826

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122188
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2011-0465)
Resumen:	The remote host is missing an update for the 'kdenetwork' package(s) announced via the ELSA-2011-0465 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kdenetwork' package(s) announced via the ELSA-2011-0465 advisory. Vulnerability Insight: [7:4.3.4-11.1] - CVE-2010-1000, improper sanitization of metalink attribute for downloading files Affected Software/OS: 'kdenetwork' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1586 44124 http://secunia.com/advisories/44124 44329 http://secunia.com/advisories/44329 ADV-2011-1019 http://www.vupen.com/english/advisories/2011/1019 ADV-2011-1021 http://www.vupen.com/english/advisories/2011/1021 ADV-2011-1135 http://www.vupen.com/english/advisories/2011/1135 MDVSA-2011:081 http://www.mandriva.com/security/advisories?name=MDVSA-2011:081 RHSA-2011:0465 http://www.redhat.com/support/errata/RHSA-2011-0465.html USN-1114-1 http://www.ubuntu.com/usn/usn-1114-1/ [oss-security] 20110415 Re: CVE Request: incomplete fix for CVE-2010-1000 in KDE network http://openwall.com/lists/oss-security/2011/04/15/9 http://websvn.kde.org/branches/KDE/4.4/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227468&r2=1227467&pathrev=1227468 http://websvn.kde.org/branches/KDE/4.5/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227469&r2=1227468&pathrev=1227469 http://websvn.kde.org/branches/KDE/4.6/kdenetwork/kget/ui/metalinkcreator/metalinker.cpp?r1=1227471&r2=1227470&pathrev=1227471 https://bugzilla.redhat.com/show_bug.cgi?id=697042 https://launchpad.net/bugs/757526 kget-name-directory-traversal(66826) https://exchange.xforce.ibmcloud.com/vulnerabilities/66826
Copyright	Copyright (C) 2015 Greenbone AG