ID de Prueba:	1.3.6.1.4.1.25623.1.0.54210
Categoría:	Trustix Local Security Checks
Título:	Trustix Security Advisory TSLSA-2005-0031 (Multiple packages)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory TSLSA-2005-0031. clamav: - Edited freshclam.sh so that freshclam can be started when $LOGFILE is empty. Bug #976. cpplus: - New upstream 2.5.2. dev: - Added drbd* entries to /dev. Fix Bug #815. imagemagick: - Fixed an obscure heap-overflow vulnerability in the PNM reader reported by Damian Put. - Fixed memory overflow computation. kerberos5: - Security Fix: Fix for CVE-2004-0175 to krb5 rcp based on Markus Friedl's fix for OpenSSH scp. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0175 to this issue. kernel: - Add IPX Protocol support, Bug #983 openldap: - Fix, openldap when connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which causes a password to be sent in cleartext and allows remote attackers to sniff the password. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2069 to this issue. pam_ldap: - Fix, pam_ldap when connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which causes a password to be sent in cleartext and allows remote attackers to sniff the password. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2069 to this issue. perl-net-server: - New upstream. php: - Security Fix: PHP XML RPC's remote code execution vulnerability. - GulfTech Security recently discovered a vulnerability in the PHP XML RPC that leads to remote code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1921 to this issue. sqlgrey: - Multiple Bug Fixes - rebuilt on perl-net-server 0.88 to fix lockups. swup: - New Upstream Solution: Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2005-0031 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0175 BugTraq ID: 9986 http://www.securityfocus.com/bid/9986 Computer Incident Advisory Center Bulletin: O-212 http://www.ciac.org/ciac/bulletins/o-212.shtml Conectiva Linux advisory: CLSA-2004:831 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000831 http://www.mandriva.com/security/advisories?name=MDKSA-2005:100 http://www.mandriva.com/security/advisories?name=MDVSA-2008:191 http://www.osvdb.org/9550 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10184 http://www.redhat.com/support/errata/RHSA-2005-074.html http://www.redhat.com/support/errata/RHSA-2005-106.html http://www.redhat.com/support/errata/RHSA-2005-165.html http://www.redhat.com/support/errata/RHSA-2005-481.html http://www.redhat.com/support/errata/RHSA-2005-495.html http://www.redhat.com/support/errata/RHSA-2005-562.html http://www.redhat.com/support/errata/RHSA-2005-567.html SCO Security Bulletin: SCOSA-2006.11 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txt http://secunia.com/advisories/17135 http://secunia.com/advisories/19243 SuSE Security Announcement: SuSE-SA:2004:009 (Google Search) http://www.novell.com/linux/security/advisories/2004_09_kernel.html XForce ISS Database: openssh-scp-file-overwrite(16323) https://exchange.xforce.ibmcloud.com/vulnerabilities/16323 Common Vulnerability Exposure (CVE) ID: CVE-2005-2069 14125 http://www.securityfocus.com/bid/14125 14126 http://www.securityfocus.com/bid/14126 17233 http://secunia.com/advisories/17233 17692 http://www.osvdb.org/17692 17845 http://secunia.com/advisories/17845 20050704 pam_ldap/nss_ldap password leak in a master+slave+start_tls LDAP setup http://archives.neohapsis.com/archives/fulldisclosure/2005-07/0060.html 21520 http://secunia.com/advisories/21520 GLSA-2005-07-13 http://www.gentoo.org/security/en/glsa/glsa-200507-13.xml MDKSA-2005:121 http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:121 RHSA-2005:751 http://www.redhat.com/support/errata/RHSA-2005-751.html RHSA-2005:767 http://www.redhat.com/support/errata/RHSA-2005-767.html USN-152-1 http://www.ubuntu.com/usn/usn-152-1 http://bugs.gentoo.org/show_bug.cgi?id=96767 http://bugzilla.padl.com/show_bug.cgi?id=210 http://bugzilla.padl.com/show_bug.cgi?id=211 http://support.avaya.com/elmodocs2/security/ASA-2006-157.htm http://www.openldap.org/its/index.cgi/Incoming?id=3791 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161990 ldap-tls-information-disclosure(21245) https://exchange.xforce.ibmcloud.com/vulnerabilities/21245 oval:org.mitre.oval:def:9445 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9445 Common Vulnerability Exposure (CVE) ID: CVE-2005-1921 1015336 http://securitytracker.com/id?1015336 14088 http://www.securityfocus.com/bid/14088 15810 http://secunia.com/advisories/15810 15852 http://secunia.com/advisories/15852 15855 http://secunia.com/advisories/15855 15861 http://secunia.com/advisories/15861 15872 http://secunia.com/advisories/15872 15883 http://secunia.com/advisories/15883 15884 http://secunia.com/advisories/15884 15895 http://secunia.com/advisories/15895 15903 http://secunia.com/advisories/15903 15904 http://secunia.com/advisories/15904 15916 http://secunia.com/advisories/15916 15917 http://secunia.com/advisories/15917 15922 http://secunia.com/advisories/15922 15944 http://secunia.com/advisories/15944 15947 http://secunia.com/advisories/15947 15957 http://secunia.com/advisories/15957 16001 http://secunia.com/advisories/16001 16339 http://secunia.com/advisories/16339 16693 http://secunia.com/advisories/16693 17440 http://secunia.com/advisories/17440 17674 http://secunia.com/advisories/17674 18003 http://secunia.com/advisories/18003 20050629 Advisory 02/2005: Remote code execution in Serendipity http://marc.info/?l=bugtraq&m=112008638320145&w=2 20050629 [DRUPAL-SA-2005-003] Drupal 4.6.2 / 4.5.4 fixes critical XML-RPC issue http://marc.info/?l=bugtraq&m=112015336720867&w=2 ADV-2005-2827 http://www.vupen.com/english/advisories/2005/2827 DSA-745 http://www.debian.org/security/2005/dsa-745 DSA-746 http://www.debian.org/security/2005/dsa-746 DSA-747 http://www.debian.org/security/2005/dsa-747 DSA-789 http://www.debian.org/security/2005/dsa-789 GLSA-200507-01 http://security.gentoo.org/glsa/glsa-200507-01.xml GLSA-200507-06 http://security.gentoo.org/glsa/glsa-200507-06.xml GLSA-200507-07 http://security.gentoo.org/glsa/glsa-200507-07.xml HPSBTU02083 http://www.securityfocus.com/archive/1/419064/100/0/threaded MDKSA-2005:109 http://www.mandriva.com/security/advisories?name=MDKSA-2005:109 RHSA-2005:564 http://www.redhat.com/support/errata/RHSA-2005-564.html SSRT051069 SUSE-SA:2005:041 http://www.novell.com/linux/security/advisories/2005_41_php_pear.html SUSE-SA:2005:049 http://www.novell.com/linux/security/advisories/2005_49_php.html SUSE-SA:2005:051 http://marc.info/?l=bugtraq&m=112605112027335&w=2 SUSE-SR:2005:018 http://www.novell.com/linux/security/advisories/2005_18_sr.html http://pear.php.net/package/XML_RPC/download/1.3.1 http://sourceforge.net/project/showfiles.php?group_id=87163 http://sourceforge.net/project/shownotes.php?release_id=338803 http://www.ampache.org/announce/3_3_1_2.php http://www.drupal.org/security/drupal-sa-2005-003/advisory.txt http://www.gulftech.org/?node=research&article_id=00087-07012005 http://www.hardened-php.net/advisory-022005.php oval:org.mitre.oval:def:11294 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11294 oval:org.mitre.oval:def:350 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A350
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.