ID de Prueba:	1.3.6.1.4.1.25623.1.0.50829
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2002:051 (xchat)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to xchat announced via advisory MDKSA-2002:051. In versions of the xchat IRC client prior to version 1.8.9, xchat does not filter the response from an IRC server when a /dns query is executed. xchat resolves hostnames by passing the configured resolver and hostname to a shell, so an IRC server may return a malicious response formatted so that arbitrary commands are executed with the privilege of the user running xchat. Affected versions: 7.1, 7.2, 8.0, 8.1, 8.2, Corporate Server 1.0.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2002:051 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0382 http://online.securityfocus.com/bid/4376/info/ Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 4376 Common Vulnerability Exposure (CVE) ID: CVE-2002-0382 http://www.securityfocus.com/bid/4376 Bugtraq: 20020327 Xchat /dns command execution vulnerability (Google Search) http://marc.info/?l=bugtraq&m=101725430425490&w=2 Conectiva Linux advisory: CLA-2002:526 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000526 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-051.php http://www.redhat.com/support/errata/RHSA-2002-097.html http://www.redhat.com/support/errata/RHSA-2002-124.html http://www.iss.net/security_center/static/8704.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.