Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2009-1232)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122453

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2009-1232)

Resumen: The remote host is missing an update for the 'gnutls' package(s) announced via the ELSA-2009-1232 advisory.

Descripción: Summary:
The remote host is missing an update for the 'gnutls' package(s) announced via the ELSA-2009-1232 advisory.

Vulnerability Insight:
[1.4.1-3.5]
- fix NUL characters in DN and SAN cert fields issue,
make sure gnutls_x509_crt_check_hostname() fails when certificate
has no CN or SAN CVE-2009-2730 (#516231)

Affected Software/OS:
'gnutls' package(s) on Oracle Linux 4, Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-2730
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search)
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.openwall.com/lists/oss-security/2009/08/14/6
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10778
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8409
http://www.redhat.com/support/errata/RHSA-2009-1232.html
RedHat Security Advisories: RHSA-2010:0095
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://www.securitytracker.com/id?1022777
http://secunia.com/advisories/36266
http://secunia.com/advisories/36496
SuSE Security Announcement: SUSE-SR:2009:015 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
XForce ISS Database: gnutls-cn-san-security-bypass(52404)
https://exchange.xforce.ibmcloud.com/vulnerabilities/52404

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122453
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2009-1232)
Resumen:	The remote host is missing an update for the 'gnutls' package(s) announced via the ELSA-2009-1232 advisory.
Descripción:	Summary: The remote host is missing an update for the 'gnutls' package(s) announced via the ELSA-2009-1232 advisory. Vulnerability Insight: [1.4.1-3.5] - fix NUL characters in DN and SAN cert fields issue, make sure gnutls_x509_crt_check_hostname() fails when certificate has no CN or SAN CVE-2009-2730 (#516231) Affected Software/OS: 'gnutls' package(s) on Oracle Linux 4, Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2730 Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded http://www.openwall.com/lists/oss-security/2009/08/14/6 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10778 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8409 http://www.redhat.com/support/errata/RHSA-2009-1232.html RedHat Security Advisories: RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html http://www.securitytracker.com/id?1022777 http://secunia.com/advisories/36266 http://secunia.com/advisories/36496 SuSE Security Announcement: SUSE-SR:2009:015 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html XForce ISS Database: gnutls-cn-san-security-bypass(52404) https://exchange.xforce.ibmcloud.com/vulnerabilities/52404
Copyright	Copyright (C) 2015 Greenbone AG