Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2008-0649)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122566

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2008-0649)

Resumen: The remote host is missing an update for the 'libxslt' package(s) announced via the ELSA-2008-0649 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libxslt' package(s) announced via the ELSA-2008-0649 advisory.

Vulnerability Insight:
[1.1.17-2.0.1.el5_2.2]
- Added libxslt-enterprise.patch and replaced doc/redhat.gif in tarball

[1.1.17-2.el5_2.2]
- fix various problems in libexslt RC4 encryption/decryption functions
- resolves: rhbz#456232

Affected Software/OS:
'libxslt' package(s) on Oracle Linux 4, Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-2935
1020596
http://www.securitytracker.com/id?1020596
20080731 [oCERT-2008-009] libxslt heap overflow
http://www.securityfocus.com/archive/1/494976/100/0/threaded
20080801 libxslt heap overflow
http://www.securityfocus.com/archive/1/495018/100/0/threaded
20081027 rPSA-2008-0306-1 libxslt
http://www.securityfocus.com/archive/1/497829/100/0/threaded
30467
http://www.securityfocus.com/bid/30467
31230
http://secunia.com/advisories/31230
31310
http://secunia.com/advisories/31310
31331
http://secunia.com/advisories/31331
31363
http://secunia.com/advisories/31363
31395
http://secunia.com/advisories/31395
31399
http://secunia.com/advisories/31399
32453
http://secunia.com/advisories/32453
4078
http://securityreason.com/securityalert/4078
ADV-2008-2266
http://www.vupen.com/english/advisories/2008/2266/references
DSA-1624
http://www.debian.org/security/2008/dsa-1624
FEDORA-2008-7029
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00092.html
FEDORA-2008-7062
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00118.html
GLSA-200808-06
http://security.gentoo.org/glsa/glsa-200808-06.xml
MDVSA-2008:160
http://www.mandriva.com/security/advisories?name=MDVSA-2008:160
RHSA-2008:0649
http://www.redhat.com/support/errata/RHSA-2008-0649.html
USN-633-1
http://www.ubuntu.com/usn/usn-633-1
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0306
http://www.ocert.org/advisories/ocert-2008-009.html
http://www.ocert.org/patches/exslt_crypt.patch
http://www.scary.beasts.org/security/CESA-2008-003.html
libxslt-multiple-crypto-bo(44141)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44141
oval:org.mitre.oval:def:10827
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10827

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122566
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2008-0649)
Resumen:	The remote host is missing an update for the 'libxslt' package(s) announced via the ELSA-2008-0649 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libxslt' package(s) announced via the ELSA-2008-0649 advisory. Vulnerability Insight: [1.1.17-2.0.1.el5_2.2] - Added libxslt-enterprise.patch and replaced doc/redhat.gif in tarball [1.1.17-2.el5_2.2] - fix various problems in libexslt RC4 encryption/decryption functions - resolves: rhbz#456232 Affected Software/OS: 'libxslt' package(s) on Oracle Linux 4, Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2935 1020596 http://www.securitytracker.com/id?1020596 20080731 [oCERT-2008-009] libxslt heap overflow http://www.securityfocus.com/archive/1/494976/100/0/threaded 20080801 libxslt heap overflow http://www.securityfocus.com/archive/1/495018/100/0/threaded 20081027 rPSA-2008-0306-1 libxslt http://www.securityfocus.com/archive/1/497829/100/0/threaded 30467 http://www.securityfocus.com/bid/30467 31230 http://secunia.com/advisories/31230 31310 http://secunia.com/advisories/31310 31331 http://secunia.com/advisories/31331 31363 http://secunia.com/advisories/31363 31395 http://secunia.com/advisories/31395 31399 http://secunia.com/advisories/31399 32453 http://secunia.com/advisories/32453 4078 http://securityreason.com/securityalert/4078 ADV-2008-2266 http://www.vupen.com/english/advisories/2008/2266/references DSA-1624 http://www.debian.org/security/2008/dsa-1624 FEDORA-2008-7029 https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00092.html FEDORA-2008-7062 https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00118.html GLSA-200808-06 http://security.gentoo.org/glsa/glsa-200808-06.xml MDVSA-2008:160 http://www.mandriva.com/security/advisories?name=MDVSA-2008:160 RHSA-2008:0649 http://www.redhat.com/support/errata/RHSA-2008-0649.html USN-633-1 http://www.ubuntu.com/usn/usn-633-1 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0306 http://www.ocert.org/advisories/ocert-2008-009.html http://www.ocert.org/patches/exslt_crypt.patch http://www.scary.beasts.org/security/CESA-2008-003.html libxslt-multiple-crypto-bo(44141) https://exchange.xforce.ibmcloud.com/vulnerabilities/44141 oval:org.mitre.oval:def:10827 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10827
Copyright	Copyright (C) 2015 Greenbone AG