Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2003:007 (dhcp)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50672

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2003:007 (dhcp)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to dhcp
announced via advisory MDKSA-2003:007.

Several potential vulnerabilities were detected by the ISC (Internet
Software Consortium) in their dhcp server software. The
vulnerabilities affect the minires library and may be exploitable as stack
buffer overflows, which could lead to remote code execution. All Mandrake
Linux users are encouraged to upgrade
only Mandrake Linux 8.0 came with
dhcp 2.x and is not vulnerable.

Affected versions: 7.2, 8.1, 8.2, 9.0, Multi Network Firewall 8.2,
Single Network Firewall 7.2

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2003:007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0026
http://www.cert.org/advisories/CA-2003-01.html

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2003-0026
BugTraq ID: 6627
http://www.securityfocus.com/bid/6627
Bugtraq: 20030122 [securityslackware.com: [slackware-security] New DHCP packages available] (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2003-01/0250.html
http://www.cert.org/advisories/CA-2003-01.html
CERT/CC vulnerability note: VU#284857
http://www.kb.cert.org/vuls/id/284857
Computer Incident Advisory Center Bulletin: N-031
http://www.ciac.org/ciac/bulletins/n-031.shtml
Conectiva Linux advisory: CLA-2003:562
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562
Debian Security Information: DSA-231 (Google Search)
http://www.debian.org/security/2003/dsa-231
http://www.mandriva.com/security/advisories?name=MDKSA-2003:007
http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.002.html
http://www.redhat.com/support/errata/RHSA-2003-011.html
http://www.securitytracker.com/id?1005924
SuSE Security Announcement: SuSE-SA:2003:0006 (Google Search)
http://www.suse.com/de/security/2003_006_dhcp.html
SuSE Security Announcement: SuSE-SA:2003:006 (Google Search)
XForce ISS Database: dhcpd-minires-multiple-bo(11073)
https://exchange.xforce.ibmcloud.com/vulnerabilities/11073

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50672
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2003:007 (dhcp)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to dhcp announced via advisory MDKSA-2003:007. Several potential vulnerabilities were detected by the ISC (Internet Software Consortium) in their dhcp server software. The vulnerabilities affect the minires library and may be exploitable as stack buffer overflows, which could lead to remote code execution. All Mandrake Linux users are encouraged to upgrade only Mandrake Linux 8.0 came with dhcp 2.x and is not vulnerable. Affected versions: 7.2, 8.1, 8.2, 9.0, Multi Network Firewall 8.2, Single Network Firewall 7.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2003:007 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0026 http://www.cert.org/advisories/CA-2003-01.html Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0026 BugTraq ID: 6627 http://www.securityfocus.com/bid/6627 Bugtraq: 20030122 [securityslackware.com: [slackware-security] New DHCP packages available] (Google Search) http://archives.neohapsis.com/archives/bugtraq/2003-01/0250.html http://www.cert.org/advisories/CA-2003-01.html CERT/CC vulnerability note: VU#284857 http://www.kb.cert.org/vuls/id/284857 Computer Incident Advisory Center Bulletin: N-031 http://www.ciac.org/ciac/bulletins/n-031.shtml Conectiva Linux advisory: CLA-2003:562 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562 Debian Security Information: DSA-231 (Google Search) http://www.debian.org/security/2003/dsa-231 http://www.mandriva.com/security/advisories?name=MDKSA-2003:007 http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.002.html http://www.redhat.com/support/errata/RHSA-2003-011.html http://www.securitytracker.com/id?1005924 SuSE Security Announcement: SuSE-SA:2003:0006 (Google Search) http://www.suse.com/de/security/2003_006_dhcp.html SuSE Security Announcement: SuSE-SA:2003:006 (Google Search) XForce ISS Database: dhcpd-minires-multiple-bo(11073) https://exchange.xforce.ibmcloud.com/vulnerabilities/11073
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com