Trustix Local Security Checks : Trustix Security Advisory TSLSA-2002-0040 (Multiple packages)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54231

Categoría: Trustix Local Security Checks

Título: Trustix Security Advisory TSLSA-2002-0040 (Multiple packages)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory TSLSA-2002-0040.

zlib version 1.1.3 and lower contains a vulnerability which, in a worst case
scenario, might allow an attacker to execute arbitary code. This problem is
solved by upgrading to the new release of zlib.

All programs which are dynamicly linked with this library needs to be
restarted after the zlib upgrade. This include, among others: openssh and
postgresql. To ensure that these services are in fact restarted, the TSL-team
have upgraded them aswell.
Users of the swup software update tool will benefit greatly from this.

Some programs are staticly linked with this library and have been
recomplied using the new release of zlib as part of the build environment.

Also some programs have parts of the zlib source code copied into their own
source code, and may therefore be vulnerable. These will be updated when
analysis tells us that they are in fact vulnerable.

Following is a list of the updated packages:
- zlib (Upgrade: 1.1.4-1tr)
- openssh (Rebuild: 3.1.0p1-2tr)
- postgresql (Rebuild: 7.1.2-4tr)
- mysql (Rebuild: 3.23.47-2tr)
- rpm (Rebuild: 3.0.6-7tr)
- rsync (Upgrade: 2.5.4-1tr)
- kernel (Patch: 2.2.20-2tr)
- sash (Upgrade: 3.5-1tr)
- ppp (Ugrade/patch: 2.4.1-1tr)

We have also included some of the updates that have been in the public
testing directories for a while:

1.5: man and procmail
1.2: apache apache-ssl

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2002-0040

Risk factor : High

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54231
Categoría:	Trustix Local Security Checks
Título:	Trustix Security Advisory TSLSA-2002-0040 (Multiple packages)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory TSLSA-2002-0040. zlib version 1.1.3 and lower contains a vulnerability which, in a worst case scenario, might allow an attacker to execute arbitary code. This problem is solved by upgrading to the new release of zlib. All programs which are dynamicly linked with this library needs to be restarted after the zlib upgrade. This include, among others: openssh and postgresql. To ensure that these services are in fact restarted, the TSL-team have upgraded them aswell. Users of the swup software update tool will benefit greatly from this. Some programs are staticly linked with this library and have been recomplied using the new release of zlib as part of the build environment. Also some programs have parts of the zlib source code copied into their own source code, and may therefore be vulnerable. These will be updated when analysis tells us that they are in fact vulnerable. Following is a list of the updated packages: - zlib (Upgrade: 1.1.4-1tr) - openssh (Rebuild: 3.1.0p1-2tr) - postgresql (Rebuild: 7.1.2-4tr) - mysql (Rebuild: 3.23.47-2tr) - rpm (Rebuild: 3.0.6-7tr) - rsync (Upgrade: 2.5.4-1tr) - kernel (Patch: 2.2.20-2tr) - sash (Upgrade: 3.5-1tr) - ppp (Ugrade/patch: 2.4.1-1tr) We have also included some of the updates that have been in the public testing directories for a while: 1.5: man and procmail 1.2: apache apache-ssl Solution: Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2002-0040 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com