ID de Prueba:	1.3.6.1.4.1.25623.1.0.58726
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:213 (pcre)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to pcre announced via advisory MDKSA-2007:213. Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it could lead to the execution of arbitrary code as the user running the application. Updated packages have been patched to prevent this issue. Affected: Corporate 3.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:213 Risk factor : High CVSS Score: 6.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1660 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BugTraq ID: 26346 http://www.securityfocus.com/bid/26346 Bugtraq: 20071106 rPSA-2007-0231-1 pcre (Google Search) http://www.securityfocus.com/archive/1/483357/100/0/threaded Bugtraq: 20071112 FLEA-2007-0064-1 pcre (Google Search) http://www.securityfocus.com/archive/1/483579/100/0/threaded Bugtraq: 20080416 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus (Google Search) http://www.securityfocus.com/archive/1/490917/100/0/threaded Cert/CC Advisory: TA07-352A http://www.us-cert.gov/cas/techalerts/TA07-352A.html Debian Security Information: DSA-1399 (Google Search) http://www.debian.org/security/2007/dsa-1399 Debian Security Information: DSA-1570 (Google Search) http://www.debian.org/security/2008/dsa-1570 http://security.gentoo.org/glsa/glsa-200711-30.xml http://security.gentoo.org/glsa/glsa-200801-02.xml http://security.gentoo.org/glsa/glsa-200801-18.xml http://security.gentoo.org/glsa/glsa-200801-19.xml http://security.gentoo.org/glsa/glsa-200805-11.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:211 http://www.mandriva.com/security/advisories?name=MDKSA-2007:212 http://www.mandriva.com/security/advisories?name=MDKSA-2007:213 http://bugs.gentoo.org/show_bug.cgi?id=198976 http://lists.vmware.com/pipermail/security-announce/2008/000014.html http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10562 http://www.redhat.com/support/errata/RHSA-2007-0967.html http://www.redhat.com/support/errata/RHSA-2007-0968.html http://www.redhat.com/support/errata/RHSA-2007-1063.html http://www.redhat.com/support/errata/RHSA-2007-1065.html http://www.redhat.com/support/errata/RHSA-2008-0546.html http://securitytracker.com/id?1018895 http://secunia.com/advisories/27538 http://secunia.com/advisories/27543 http://secunia.com/advisories/27547 http://secunia.com/advisories/27554 http://secunia.com/advisories/27598 http://secunia.com/advisories/27697 http://secunia.com/advisories/27741 http://secunia.com/advisories/27773 http://secunia.com/advisories/27776 http://secunia.com/advisories/27862 http://secunia.com/advisories/27965 http://secunia.com/advisories/28136 http://secunia.com/advisories/28406 http://secunia.com/advisories/28414 http://secunia.com/advisories/28658 http://secunia.com/advisories/28714 http://secunia.com/advisories/28720 http://secunia.com/advisories/29420 http://secunia.com/advisories/29785 http://secunia.com/advisories/30106 http://secunia.com/advisories/30155 http://secunia.com/advisories/30219 http://secunia.com/advisories/31124 SuSE Security Announcement: SUSE-SA:2007:062 (Google Search) http://www.novell.com/linux/security/advisories/2007_62_pcre.html SuSE Security Announcement: SUSE-SA:2008:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html SuSE Security Announcement: SUSE-SR:2007:025 (Google Search) http://www.novell.com/linux/security/advisories/2007_25_sr.html https://usn.ubuntu.com/547-1/ http://www.vupen.com/english/advisories/2007/3725 http://www.vupen.com/english/advisories/2007/3790 http://www.vupen.com/english/advisories/2007/4238 http://www.vupen.com/english/advisories/2008/0924/references http://www.vupen.com/english/advisories/2008/1234/references XForce ISS Database: pcre-character-class-dos(38273) https://exchange.xforce.ibmcloud.com/vulnerabilities/38273
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.