Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2013-0525)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123717

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2013-0525)

Resumen: The remote host is missing an update for the 'pcsc-lite' package(s) announced via the ELSA-2013-0525 advisory.

Descripción: Summary:
The remote host is missing an update for the 'pcsc-lite' package(s) announced via the ELSA-2013-0525 advisory.

Vulnerability Insight:
[1.5.2-11]
- fix overflow issue introduced in 1.5.2-5 and incorrectly corrected in
1.5.2-6

[1.5.2-10]
- CVE-2010-4531

[1.5.2-9]
- Bump version number so it doesn't get confused with z stream build.

Affected Software/OS:
'pcsc-lite' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
4.4

CVSS Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-4531
42912
http://secunia.com/advisories/42912
43112
http://secunia.com/advisories/43112
45450
http://www.securityfocus.com/bid/45450
ADV-2010-3264
http://www.vupen.com/english/advisories/2010/3264
ADV-2011-0101
http://www.vupen.com/english/advisories/2011/0101
ADV-2011-0180
http://www.vupen.com/english/advisories/2011/0180
ADV-2011-0256
http://www.vupen.com/english/advisories/2011/0256
DSA-2156
http://www.debian.org/security/2011/dsa-2156
FEDORA-2011-0123
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053095.html
FEDORA-2011-0164
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053079.html
MDVSA-2011:015
http://www.mandriva.com/security/advisories?name=MDVSA-2011:015
[Pcsclite-cvs-commit] 20101103 r5370 - /trunk/PCSC/src/atrhandler.c
http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004923.html
[oss-security] 20101222 CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ]
http://www.openwall.com/lists/oss-security/2010/12/22/7
[oss-security] 20110103 Re: CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ]
http://www.openwall.com/lists/oss-security/2011/01/03/3
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607781
http://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-atr-handler-buffer-overflow_2010-12-13.pdf
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4531

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123717
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2013-0525)
Resumen:	The remote host is missing an update for the 'pcsc-lite' package(s) announced via the ELSA-2013-0525 advisory.
Descripción:	Summary: The remote host is missing an update for the 'pcsc-lite' package(s) announced via the ELSA-2013-0525 advisory. Vulnerability Insight: [1.5.2-11] - fix overflow issue introduced in 1.5.2-5 and incorrectly corrected in 1.5.2-6 [1.5.2-10] - CVE-2010-4531 [1.5.2-9] - Bump version number so it doesn't get confused with z stream build. Affected Software/OS: 'pcsc-lite' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4531 42912 http://secunia.com/advisories/42912 43112 http://secunia.com/advisories/43112 45450 http://www.securityfocus.com/bid/45450 ADV-2010-3264 http://www.vupen.com/english/advisories/2010/3264 ADV-2011-0101 http://www.vupen.com/english/advisories/2011/0101 ADV-2011-0180 http://www.vupen.com/english/advisories/2011/0180 ADV-2011-0256 http://www.vupen.com/english/advisories/2011/0256 DSA-2156 http://www.debian.org/security/2011/dsa-2156 FEDORA-2011-0123 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053095.html FEDORA-2011-0164 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053079.html MDVSA-2011:015 http://www.mandriva.com/security/advisories?name=MDVSA-2011:015 [Pcsclite-cvs-commit] 20101103 r5370 - /trunk/PCSC/src/atrhandler.c http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004923.html [oss-security] 20101222 CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ] http://www.openwall.com/lists/oss-security/2010/12/22/7 [oss-security] 20110103 Re: CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ] http://www.openwall.com/lists/oss-security/2011/01/03/3 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607781 http://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-atr-handler-buffer-overflow_2010-12-13.pdf https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4531
Copyright	Copyright (C) 2015 Greenbone AG