Turbolinux Local Security Tests : Turbolinux TLSA-2005-33 (nfs-utils)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52849

Categoría: Turbolinux Local Security Tests

Título: Turbolinux TLSA-2005-33 (nfs-utils)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to nfs-utils
announced via advisory TLSA-2005-33.

The nfs-utils package provides a daemon for the kernel NFS server and
related tools, which provide a much higher level of performance than
the traditional Linux NFS server used by most users.

The statd daemon in the nfs-utils package ignores the SIGPIPE signal

this can allow remote attackers to cause a denial of service.

The vulnerability could allow remote attackers to cause a denial of service.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-33

Risk factor : Critical

CVSS Score:
10.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0946
BugTraq ID: 11911
http://www.securityfocus.com/bid/11911
CERT/CC vulnerability note: VU#698302
http://www.kb.cert.org/vuls/id/698302
http://www.securityfocus.com/archive/1/426072/30/6740/threaded
http://www.gentoo.org/security/en/glsa/glsa-200412-08.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:005
http://bugs.gentoo.org/show_bug.cgi?id=72113
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10464
http://www.redhat.com/support/errata/RHSA-2004-583.html
http://www.redhat.com/support/errata/RHSA-2005-014.html
http://secunia.com/advisories/13440/
XForce ISS Database: nfsutils-getquotainfo-bo(18455)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18455
Common Vulnerability Exposure (CVE) ID: CVE-2004-1014
BugTraq ID: 11785
http://www.securityfocus.com/bid/11785
Debian Security Information: DSA-606 (Google Search)
http://www.debian.org/security/2004/dsa-606
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10899
http://www.trustix.org/errata/2004/0065/
https://www.ubuntu.com/usn/usn-36-1/
XForce ISS Database: nfs-utils-statd-dos(18332)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18332

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52849
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2005-33 (nfs-utils)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to nfs-utils announced via advisory TLSA-2005-33. The nfs-utils package provides a daemon for the kernel NFS server and related tools, which provide a much higher level of performance than the traditional Linux NFS server used by most users. The statd daemon in the nfs-utils package ignores the SIGPIPE signal this can allow remote attackers to cause a denial of service. The vulnerability could allow remote attackers to cause a denial of service. Solution: Please use the turbopkg (zabom) tool to apply the update. https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-33 Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0946 BugTraq ID: 11911 http://www.securityfocus.com/bid/11911 CERT/CC vulnerability note: VU#698302 http://www.kb.cert.org/vuls/id/698302 http://www.securityfocus.com/archive/1/426072/30/6740/threaded http://www.gentoo.org/security/en/glsa/glsa-200412-08.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:005 http://bugs.gentoo.org/show_bug.cgi?id=72113 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10464 http://www.redhat.com/support/errata/RHSA-2004-583.html http://www.redhat.com/support/errata/RHSA-2005-014.html http://secunia.com/advisories/13440/ XForce ISS Database: nfsutils-getquotainfo-bo(18455) https://exchange.xforce.ibmcloud.com/vulnerabilities/18455 Common Vulnerability Exposure (CVE) ID: CVE-2004-1014 BugTraq ID: 11785 http://www.securityfocus.com/bid/11785 Debian Security Information: DSA-606 (Google Search) http://www.debian.org/security/2004/dsa-606 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10899 http://www.trustix.org/errata/2004/0065/ https://www.ubuntu.com/usn/usn-36-1/ XForce ISS Database: nfs-utils-statd-dos(18332) https://exchange.xforce.ibmcloud.com/vulnerabilities/18332
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com