CGI abuses : GNUMP3d <= 2.9.7 Multiple Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56823

Categoría: CGI abuses

Título: GNUMP3d <= 2.9.7 Multiple Vulnerabilities

Resumen: NOSUMMARY

Descripción: Description:

The remote host is running the GNUMP3d streaming
audio video server. This version is vulnerable to
a directory traversal vulnerability allowing for possible
arbitrary file disclosure. A second vulnerability involves
the insecure creation of temporary files that may allow
an attacker to overwrite arbtirary files on the system.
Versions up to and including 2.9.7 are vulnerable.

Solution: Upgrade to 2.9.8 or later.

Risk factor : High

CVSS Score:
6.4

Referencia Cruzada: BugTraq ID: 15496
BugTraq ID: 15497
Common Vulnerability Exposure (CVE) ID: CVE-2005-3355
http://www.securityfocus.com/bid/15496
Debian Security Information: DSA-901 (Google Search)
http://www.debian.org/security/2005/dsa-901
http://www.gentoo.org/security/en/glsa/glsa-200511-16.xml
http://secunia.com/advisories/17646
http://secunia.com/advisories/17647
http://secunia.com/advisories/17656
SuSE Security Announcement: SUSE-SR:2005:028 (Google Search)
http://www.novell.com/linux/security/advisories/2005_28_sr.html
http://www.vupen.com/english/advisories/2005/2489
Common Vulnerability Exposure (CVE) ID: CVE-2005-3349
http://www.securityfocus.com/bid/15497
http://www.gnu.org/software/gnump3d/attacks.html#temporary-files

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56823
Categoría:	CGI abuses
Título:	GNUMP3d <= 2.9.7 Multiple Vulnerabilities
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is running the GNUMP3d streaming audio video server. This version is vulnerable to a directory traversal vulnerability allowing for possible arbitrary file disclosure. A second vulnerability involves the insecure creation of temporary files that may allow an attacker to overwrite arbtirary files on the system. Versions up to and including 2.9.7 are vulnerable. Solution: Upgrade to 2.9.8 or later. Risk factor : High CVSS Score: 6.4
Referencia Cruzada:	BugTraq ID: 15496 BugTraq ID: 15497 Common Vulnerability Exposure (CVE) ID: CVE-2005-3355 http://www.securityfocus.com/bid/15496 Debian Security Information: DSA-901 (Google Search) http://www.debian.org/security/2005/dsa-901 http://www.gentoo.org/security/en/glsa/glsa-200511-16.xml http://secunia.com/advisories/17646 http://secunia.com/advisories/17647 http://secunia.com/advisories/17656 SuSE Security Announcement: SUSE-SR:2005:028 (Google Search) http://www.novell.com/linux/security/advisories/2005_28_sr.html http://www.vupen.com/english/advisories/2005/2489 Common Vulnerability Exposure (CVE) ID: CVE-2005-3349 http://www.securityfocus.com/bid/15497 http://www.gnu.org/software/gnump3d/attacks.html#temporary-files
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com