Turbolinux Local Security Tests : Turbolinux TLSA-2005-54 (sharutils)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52870

Categoría: Turbolinux Local Security Tests

Título: Turbolinux TLSA-2005-54 (sharutils)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to sharutils
announced via advisory TLSA-2005-54.

Sharutils consists of two shell archiving utilities: shar and unshar.

Multiple vulnerabilities have been discovered in sharutils.

These vulnerabilities could allow attackers to overwrite arbitrary files
via a symbolic link attack, and/or allow users to execute arbitrary code.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-54

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-1772
BugTraq ID: 10066
http://www.securityfocus.com/bid/10066
Bugtraq: 20040406 GNU Sharutils buffer overflow vulnerability. (Google Search)
http://www.securityfocus.com/archive/1/359639
https://bugzilla.fedora.us/show_bug.cgi?id=2155
http://marc.info/?l=bugtraq&m=108137386310299&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11722
http://www.redhat.com/support/errata/RHSA-2005-377.html
XForce ISS Database: sharutils-shar-bo(15759)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15759
Common Vulnerability Exposure (CVE) ID: CVE-2004-1773
BugTraq ID: 11298
http://www.securityfocus.com/bid/11298
http://security.gentoo.org/glsa/glsa-200410-01.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11093
Common Vulnerability Exposure (CVE) ID: CVE-2005-0990
BugTraq ID: 12981
http://www.securityfocus.com/bid/12981
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=302412
https://bugzilla.ubuntu.com/show_bug.cgi?id=8459
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9613
https://usn.ubuntu.com/104-1/
XForce ISS Database: sharutils-temp-file-symlink(19957)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19957

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52870
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2005-54 (sharutils)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to sharutils announced via advisory TLSA-2005-54. Sharutils consists of two shell archiving utilities: shar and unshar. Multiple vulnerabilities have been discovered in sharutils. These vulnerabilities could allow attackers to overwrite arbitrary files via a symbolic link attack, and/or allow users to execute arbitrary code. Solution: Please use the turbopkg (zabom) tool to apply the update. https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-54 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1772 BugTraq ID: 10066 http://www.securityfocus.com/bid/10066 Bugtraq: 20040406 GNU Sharutils buffer overflow vulnerability. (Google Search) http://www.securityfocus.com/archive/1/359639 https://bugzilla.fedora.us/show_bug.cgi?id=2155 http://marc.info/?l=bugtraq&m=108137386310299&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11722 http://www.redhat.com/support/errata/RHSA-2005-377.html XForce ISS Database: sharutils-shar-bo(15759) https://exchange.xforce.ibmcloud.com/vulnerabilities/15759 Common Vulnerability Exposure (CVE) ID: CVE-2004-1773 BugTraq ID: 11298 http://www.securityfocus.com/bid/11298 http://security.gentoo.org/glsa/glsa-200410-01.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11093 Common Vulnerability Exposure (CVE) ID: CVE-2005-0990 BugTraq ID: 12981 http://www.securityfocus.com/bid/12981 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=302412 https://bugzilla.ubuntu.com/show_bug.cgi?id=8459 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9613 https://usn.ubuntu.com/104-1/ XForce ISS Database: sharutils-temp-file-symlink(19957) https://exchange.xforce.ibmcloud.com/vulnerabilities/19957
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com