Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2007:191 (libsndfile)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58631

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2007:191 (libsndfile)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to libsndfile
announced via advisory MDKSA-2007:191.

A heap-based buffer overflow in libsndfile could allow remote attackers
to execute arbitrary code via a FLAC file with crafted PCM data which
contains a block with a size exceeding that of the previous block.

Updated packages have been patched to prevent this issue.

Affected: 2007.0, 2007.1

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:191

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-4974
BugTraq ID: 25758
http://www.securityfocus.com/bid/25758
Debian Security Information: DSA-1442 (Google Search)
http://www.debian.org/security/2007/dsa-1442
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00344.html
http://security.gentoo.org/glsa/glsa-200710-04.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:191
http://secunia.com/advisories/26921
http://secunia.com/advisories/26932
http://secunia.com/advisories/27018
http://secunia.com/advisories/27071
http://secunia.com/advisories/27100
http://secunia.com/advisories/28265
http://secunia.com/advisories/28412
SuSE Security Announcement: SUSE-SR:2008:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
http://www.ubuntu.com/usn/usn-525-1
http://www.vupen.com/english/advisories/2007/3241

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58631
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:191 (libsndfile)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to libsndfile announced via advisory MDKSA-2007:191. A heap-based buffer overflow in libsndfile could allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data which contains a block with a size exceeding that of the previous block. Updated packages have been patched to prevent this issue. Affected: 2007.0, 2007.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:191 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4974 BugTraq ID: 25758 http://www.securityfocus.com/bid/25758 Debian Security Information: DSA-1442 (Google Search) http://www.debian.org/security/2007/dsa-1442 https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00344.html http://security.gentoo.org/glsa/glsa-200710-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:191 http://secunia.com/advisories/26921 http://secunia.com/advisories/26932 http://secunia.com/advisories/27018 http://secunia.com/advisories/27071 http://secunia.com/advisories/27100 http://secunia.com/advisories/28265 http://secunia.com/advisories/28412 SuSE Security Announcement: SUSE-SR:2008:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html http://www.ubuntu.com/usn/usn-525-1 http://www.vupen.com/english/advisories/2007/3241
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com