ID de Prueba:	1.3.6.1.4.1.25623.1.0.57650
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:216 (links)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to links announced via advisory MDKSA-2006:216. The links web browser with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements. Corporate 3.0 is not affected by this issue, as that version of links does not have smb:// URI support. Updated packages have disabled access to smb:// URIs. Affected: 2006.0, 2007.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:216 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5925 1017232 http://securitytracker.com/id?1017232 1017233 http://securitytracker.com/id?1017233 20061115 Links smbclient command execution http://marc.info/?l=full-disclosure&m=116355556512780&w=2 http://www.securityfocus.com/archive/1/451870/100/200/threaded 2007-0005 http://www.trustix.org/errata/2007/0005 21082 http://www.securityfocus.com/bid/21082 22905 http://secunia.com/advisories/22905 22920 http://secunia.com/advisories/22920 22923 http://secunia.com/advisories/22923 23022 http://secunia.com/advisories/23022 23132 http://secunia.com/advisories/23132 23188 http://secunia.com/advisories/23188 23234 http://secunia.com/advisories/23234 23389 http://secunia.com/advisories/23389 23467 http://secunia.com/advisories/23467 24005 http://secunia.com/advisories/24005 24054 http://secunia.com/advisories/24054 DSA-1226 https://www.debian.org/security/2006/dsa-1226 DSA-1228 http://www.debian.org/security/2006/dsa-1228 DSA-1240 http://www.debian.org/security/2006/dsa-1240 GLSA-200612-16 http://security.gentoo.org/glsa/glsa-200612-16.xml GLSA-200701-27 http://www.gentoo.org/security/en/glsa/glsa-200701-27.xml MDKSA-2006:216 http://www.mandriva.com/security/advisories?name=MDKSA-2006:216 RHSA-2006:0742 http://www.redhat.com/support/errata/RHSA-2006-0742.html SUSE-SR:2006:027 http://www.novell.com/linux/security/advisories/2006_27_sr.html http://bugzilla.elinks.cz/show_bug.cgi?id=841 links-smbclient-command-execution(30299) https://exchange.xforce.ibmcloud.com/vulnerabilities/30299 oval:org.mitre.oval:def:11213 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11213
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.