ID de Prueba:	1.3.6.1.4.1.25623.1.0.50542
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:057 (tripwire)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to tripwire announced via advisory MDKSA-2004:057. Paul Herman discovered a format string vulnerability in tripwire that could allow a local user to execute arbitrary code with the rights of the user running tripwire (typically root). This vulnerability only exists when tripwire is generating an email report. Affected versions: 10.0, 9.2, Corporate Server 2.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2004:057 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0536 http://www.securityfocus.com/archive/1/365036 Risk factor : High CVSS Score: 7.2
Referencia Cruzada:	BugTraq ID: 10454 Common Vulnerability Exposure (CVE) ID: CVE-2004-0536 http://www.securityfocus.com/bid/10454 Bugtraq: 20040602 Format String Vulnerability in Tripwire (Google Search) http://marc.info/?l=bugtraq&m=108627481507249&w=2 Bugtraq: 20040603 Re: Format String Vulnerability in Tripwire (Google Search) http://marc.info/?l=bugtraq&m=108630983009228&w=2 http://security.gentoo.org/glsa/glsa-200406-02.xml http://www.redhat.com/support/errata/RHSA-2004-244.html XForce ISS Database: tripwire-fprintf-format-string(16309) https://exchange.xforce.ibmcloud.com/vulnerabilities/16309
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.