Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2012-1327)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123809

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2012-1327)

Resumen: The remote host is missing an update for the 'freeradius2' package(s) announced via the ELSA-2012-1327 advisory.

Descripción: Summary:
The remote host is missing an update for the 'freeradius2' package(s) announced via the ELSA-2012-1327 advisory.

Vulnerability Insight:
[2.1.12-4]
- resolves: bug#855315
CVE-2012-3547 freeradius: Stack-based buffer overflow by processing
certain expiration date fields of a certificate during x509 certificate
validation

Affected Software/OS:
'freeradius2' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-3547
http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
BugTraq ID: 55483
http://www.securityfocus.com/bid/55483
Bugtraq: 20120910 [PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2012-09/0043.html
Debian Security Information: DSA-2546 (Google Search)
http://www.debian.org/security/2012/dsa-2546
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090171.html
http://www.mandriva.com/security/advisories?name=MDVSA-2012:159
http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt
http://www.openwall.com/lists/oss-security/2012/09/10/2
http://osvdb.org/85325
RedHat Security Advisories: RHSA-2012:1326
http://rhn.redhat.com/errata/RHSA-2012-1326.html
RedHat Security Advisories: RHSA-2012:1327
http://rhn.redhat.com/errata/RHSA-2012-1327.html
http://www.securitytracker.com/id?1027509
http://secunia.com/advisories/50484
http://secunia.com/advisories/50584
http://secunia.com/advisories/50637
http://secunia.com/advisories/50770
SuSE Security Announcement: openSUSE-SU-2012:1200 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00023.html
http://www.ubuntu.com/usn/USN-1585-1
XForce ISS Database: freeradius-cbtlsverify-bo(78408)
https://exchange.xforce.ibmcloud.com/vulnerabilities/78408

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123809
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2012-1327)
Resumen:	The remote host is missing an update for the 'freeradius2' package(s) announced via the ELSA-2012-1327 advisory.
Descripción:	Summary: The remote host is missing an update for the 'freeradius2' package(s) announced via the ELSA-2012-1327 advisory. Vulnerability Insight: [2.1.12-4] - resolves: bug#855315 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation Affected Software/OS: 'freeradius2' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3547 http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html BugTraq ID: 55483 http://www.securityfocus.com/bid/55483 Bugtraq: 20120910 [PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods (Google Search) http://archives.neohapsis.com/archives/bugtraq/2012-09/0043.html Debian Security Information: DSA-2546 (Google Search) http://www.debian.org/security/2012/dsa-2546 http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090171.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:159 http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt http://www.openwall.com/lists/oss-security/2012/09/10/2 http://osvdb.org/85325 RedHat Security Advisories: RHSA-2012:1326 http://rhn.redhat.com/errata/RHSA-2012-1326.html RedHat Security Advisories: RHSA-2012:1327 http://rhn.redhat.com/errata/RHSA-2012-1327.html http://www.securitytracker.com/id?1027509 http://secunia.com/advisories/50484 http://secunia.com/advisories/50584 http://secunia.com/advisories/50637 http://secunia.com/advisories/50770 SuSE Security Announcement: openSUSE-SU-2012:1200 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00023.html http://www.ubuntu.com/usn/USN-1585-1 XForce ISS Database: freeradius-cbtlsverify-bo(78408) https://exchange.xforce.ibmcloud.com/vulnerabilities/78408
Copyright	Copyright (C) 2015 Greenbone AG