Conectiva Local Security Checks : Conectiva Security Advisory CLSA-2005:1010

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55319

Categoría: Conectiva Local Security Checks

Título: Conectiva Security Advisory CLSA-2005:1010

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory CLSA-2005:1010.

xpdf do not properly validate the 'loca' table
in PDF files, which allows remote attackers to cause
a denial of service (disk consumption and hang) via
a PDF file with a 'broken' loca table.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001010
http://www.foolabs.com/xpdf

Risk factor : Medium

CVSS Score:
2.1

Referencia Cruzada: BugTraq ID: 14529
Common Vulnerability Exposure (CVE) ID: CVE-2005-2097
102972
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
14529
http://www.securityfocus.com/bid/14529
17277
http://secunia.com/advisories/17277
18398
http://secunia.com/advisories/18398
18407
http://secunia.com/advisories/18407
21339
http://secunia.com/advisories/21339
25729
http://secunia.com/advisories/25729
ADV-2007-2280
http://www.vupen.com/english/advisories/2007/2280
DSA-1136
http://www.debian.org/security/2006/dsa-1136
DSA-780
http://www.debian.org/security/2005/dsa-780
DSA-936
http://www.debian.org/security/2006/dsa-936
FLSA-2006:176751
http://www.securityfocus.com/archive/1/427053/100/0/threaded
FLSA:175404
http://www.securityfocus.com/archive/1/427990/100/0/threaded
MDKSA-2005:138
http://www.mandriva.com/security/advisories?name=MDKSA-2005:138
RHSA-2005:670
http://www.redhat.com/support/errata/RHSA-2005-670.html
RHSA-2005:671
http://www.redhat.com/support/errata/RHSA-2005-671.html
RHSA-2005:706
http://www.redhat.com/support/errata/RHSA-2005-706.html
RHSA-2005:708
http://www.redhat.com/support/errata/RHSA-2005-708.html
SCOSA-2005.42
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt
SUSE-SR:2005:019
http://www.novell.com/linux/security/advisories/2005_19_sr.html
USN-163-1
https://usn.ubuntu.com/163-1/
oval:org.mitre.oval:def:10280
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55319
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLSA-2005:1010
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLSA-2005:1010. xpdf do not properly validate the 'loca' table in PDF files, which allows remote attackers to cause a denial of service (disk consumption and hang) via a PDF file with a 'broken' loca table. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001010 http://www.foolabs.com/xpdf Risk factor : Medium CVSS Score: 2.1
Referencia Cruzada:	BugTraq ID: 14529 Common Vulnerability Exposure (CVE) ID: CVE-2005-2097 102972 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1 14529 http://www.securityfocus.com/bid/14529 17277 http://secunia.com/advisories/17277 18398 http://secunia.com/advisories/18398 18407 http://secunia.com/advisories/18407 21339 http://secunia.com/advisories/21339 25729 http://secunia.com/advisories/25729 ADV-2007-2280 http://www.vupen.com/english/advisories/2007/2280 DSA-1136 http://www.debian.org/security/2006/dsa-1136 DSA-780 http://www.debian.org/security/2005/dsa-780 DSA-936 http://www.debian.org/security/2006/dsa-936 FLSA-2006:176751 http://www.securityfocus.com/archive/1/427053/100/0/threaded FLSA:175404 http://www.securityfocus.com/archive/1/427990/100/0/threaded MDKSA-2005:138 http://www.mandriva.com/security/advisories?name=MDKSA-2005:138 RHSA-2005:670 http://www.redhat.com/support/errata/RHSA-2005-670.html RHSA-2005:671 http://www.redhat.com/support/errata/RHSA-2005-671.html RHSA-2005:706 http://www.redhat.com/support/errata/RHSA-2005-706.html RHSA-2005:708 http://www.redhat.com/support/errata/RHSA-2005-708.html SCOSA-2005.42 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.42/SCOSA-2005.42.txt SUSE-SR:2005:019 http://www.novell.com/linux/security/advisories/2005_19_sr.html USN-163-1 https://usn.ubuntu.com/163-1/ oval:org.mitre.oval:def:10280 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10280
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com