ID de Prueba:	1.3.6.1.4.1.25623.1.0.60245
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:013 (python)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to python announced via advisory MDVSA-2008:013. Multiple integer overflows were found in python's imageop module. If an application written in python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the python interpreter. The updated packages have been patched to correct this issue. Affected: 2007.0, 2007.1, 2008.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:013 Risk factor : High CVSS Score: 5.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4965 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html BugTraq ID: 25696 http://www.securityfocus.com/bid/25696 Bugtraq: 20080212 FLEA-2008-0002-1 python (Google Search) http://www.securityfocus.com/archive/1/487990/100/0/threaded Bugtraq: 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates (Google Search) http://www.securityfocus.com/archive/1/488457/100/0/threaded Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded Cert/CC Advisory: TA07-352A http://www.us-cert.gov/cas/techalerts/TA07-352A.html Debian Security Information: DSA-1551 (Google Search) http://www.debian.org/security/2008/dsa-1551 Debian Security Information: DSA-1620 (Google Search) http://www.debian.org/security/2008/dsa-1620 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00378.html http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065826.html http://www.gentoo.org/security/en/glsa/glsa-200711-07.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:012 http://www.mandriva.com/security/advisories?name=MDVSA-2008:013 http://lists.vmware.com/pipermail/security-announce/2008/000005.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10804 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8486 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8496 http://www.redhat.com/support/errata/RHSA-2007-1076.html http://www.redhat.com/support/errata/RHSA-2008-0629.html http://secunia.com/advisories/26837 http://secunia.com/advisories/27460 http://secunia.com/advisories/27562 http://secunia.com/advisories/27872 http://secunia.com/advisories/28136 http://secunia.com/advisories/28480 http://secunia.com/advisories/28838 http://secunia.com/advisories/29032 http://secunia.com/advisories/29303 http://secunia.com/advisories/29889 http://secunia.com/advisories/31255 http://secunia.com/advisories/31492 http://secunia.com/advisories/33937 http://secunia.com/advisories/37471 http://secunia.com/advisories/38675 SuSE Security Announcement: SUSE-SR:2008:003 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://www.ubuntu.com/usn/usn-585-1 http://www.vupen.com/english/advisories/2007/3201 http://www.vupen.com/english/advisories/2007/4238 http://www.vupen.com/english/advisories/2008/0637 http://www.vupen.com/english/advisories/2009/3316 XForce ISS Database: python-imageop-bo(36653) https://exchange.xforce.ibmcloud.com/vulnerabilities/36653
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.