Trustix Local Security Checks : Trustix Security Advisory TSLSA-2004-0055 (libxml2, postgresql)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54300

Categoría: Trustix Local Security Checks

Título: Trustix Security Advisory TSLSA-2004-0055 (libxml2, postgresql)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory TSLSA-2004-0055.

libxml2:
Sean reported the following issues to
Bugtraq:

1)There is a buffer overflow when parsing a URL with ftp information
in it. A loop incorrectly copies data from a user supplied buffer
into a finite stack buffer with no regard for the length being copied.

2)There is a buffer overflow when parsing a proxy URL with ftp
information in it. A loop incorrectly copies data from a user supplied
buffer into a finite stack buffer with no regard for the length being
copied.

3)There are multiple buffer overflows in the code that resolves names
via DNS. An attacker running a malicious DNS server, or an attacker
on a LAN spoofing DNS replies could leverage these to execute code on
the victim's computer.

postgresql:
According to the release notice, this update fixes the following possible
data loss bug:

Repair possible failure to update hint bits on disk.
Under rare circumstances this oversight could lead to could not
access transaction status failures, which qualifies it as a
potential-data-loss bug.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2004-0055

Risk factor : High

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54300
Categoría:	Trustix Local Security Checks
Título:	Trustix Security Advisory TSLSA-2004-0055 (libxml2, postgresql)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory TSLSA-2004-0055. libxml2: Sean reported the following issues to Bugtraq: 1)There is a buffer overflow when parsing a URL with ftp information in it. A loop incorrectly copies data from a user supplied buffer into a finite stack buffer with no regard for the length being copied. 2)There is a buffer overflow when parsing a proxy URL with ftp information in it. A loop incorrectly copies data from a user supplied buffer into a finite stack buffer with no regard for the length being copied. 3)There are multiple buffer overflows in the code that resolves names via DNS. An attacker running a malicious DNS server, or an attacker on a LAN spoofing DNS replies could leverage these to execute code on the victim's computer. postgresql: According to the release notice, this update fixes the following possible data loss bug: Repair possible failure to update hint bits on disk. Under rare circumstances this oversight could lead to could not access transaction status failures, which qualifies it as a potential-data-loss bug. Solution: Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2004-0055 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com