Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2005:038 (emacs)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51690

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2005:038 (emacs)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to emacs
announced via advisory MDKSA-2005:038.

Max Vozeler discovered several format string vulnerabilities in the
movemail utility in Emacs. If a user connects to a malicious POP
server, an attacker can execute arbitrary code as the user running
emacs.

The updated packages have been patched to correct the problem.

Affected versions: 10.0, 10.1, Corporate 3.0,
Corporate Server 2.1

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2005:038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0100

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0100
BugTraq ID: 12462
http://www.securityfocus.com/bid/12462
Bugtraq: 20050207 [USN-76-1] Emacs vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=110780416112719&w=2
Debian Security Information: DSA-670 (Google Search)
http://www.debian.org/security/2005/dsa-670
Debian Security Information: DSA-671 (Google Search)
http://www.debian.org/security/2005/dsa-671
Debian Security Information: DSA-685 (Google Search)
http://www.debian.org/security/2005/dsa-685
http://www.securityfocus.com/archive/1/433928/30/5010/threaded
http://www.mandriva.com/security/advisories?name=MDKSA-2005:038
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408
http://www.redhat.com/support/errata/RHSA-2005-110.html
http://www.redhat.com/support/errata/RHSA-2005-112.html
http://www.redhat.com/support/errata/RHSA-2005-133.html
XForce ISS Database: xemacs-movemail-format-string(19246)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19246

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51690
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2005:038 (emacs)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to emacs announced via advisory MDKSA-2005:038. Max Vozeler discovered several format string vulnerabilities in the movemail utility in Emacs. If a user connects to a malicious POP server, an attacker can execute arbitrary code as the user running emacs. The updated packages have been patched to correct the problem. Affected versions: 10.0, 10.1, Corporate 3.0, Corporate Server 2.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2005:038 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0100 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0100 BugTraq ID: 12462 http://www.securityfocus.com/bid/12462 Bugtraq: 20050207 [USN-76-1] Emacs vulnerability (Google Search) http://marc.info/?l=bugtraq&m=110780416112719&w=2 Debian Security Information: DSA-670 (Google Search) http://www.debian.org/security/2005/dsa-670 Debian Security Information: DSA-671 (Google Search) http://www.debian.org/security/2005/dsa-671 Debian Security Information: DSA-685 (Google Search) http://www.debian.org/security/2005/dsa-685 http://www.securityfocus.com/archive/1/433928/30/5010/threaded http://www.mandriva.com/security/advisories?name=MDKSA-2005:038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408 http://www.redhat.com/support/errata/RHSA-2005-110.html http://www.redhat.com/support/errata/RHSA-2005-112.html http://www.redhat.com/support/errata/RHSA-2005-133.html XForce ISS Database: xemacs-movemail-format-string(19246) https://exchange.xforce.ibmcloud.com/vulnerabilities/19246
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com