Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2008:097 (kdelibs)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60903

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDVSA-2008:097 (kdelibs)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to kdelibs
announced via advisory MDVSA-2008:097.

A vulnerability was found in start_kdeinit in KDE 3.5.5 through
3.5.9 where, if it was installed setuid root, it could allow local
users to cause a denial of service or possibly execute arbitrary code
(CVE-2008-1671).

By default, start_kdeinit is not installed setuid root on Mandriva
Linux, however updated packages have been patched to correct this
issue.

Affected: 2008.0, 2008.1

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:097

Risk factor : Medium

CVSS Score:
4.6

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-1671
1019924
http://www.securitytracker.com/id?1019924
28938
http://www.securityfocus.com/bid/28938
29951
http://secunia.com/advisories/29951
29977
http://secunia.com/advisories/29977
30113
http://secunia.com/advisories/30113
ADV-2008-1370
http://www.vupen.com/english/advisories/2008/1370/references
GLSA-200804-30
http://security.gentoo.org/glsa/glsa-200804-30.xml
MDVSA-2008:097
http://www.mandriva.com/security/advisories?name=MDVSA-2008:097
SUSE-SR:2008:011
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
USN-608-1
http://www.ubuntu.com/usn/usn-608-1
ftp://ftp.kde.org/pub/kde/security_patches/post-kde-3.5.5-kinit.diff
http://www.kde.org/info/security/advisory-20080426-2.txt
kde-startkdeinit-privilege-escalation(42039)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42039

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60903
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:097 (kdelibs)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to kdelibs announced via advisory MDVSA-2008:097. A vulnerability was found in start_kdeinit in KDE 3.5.5 through 3.5.9 where, if it was installed setuid root, it could allow local users to cause a denial of service or possibly execute arbitrary code (CVE-2008-1671). By default, start_kdeinit is not installed setuid root on Mandriva Linux, however updated packages have been patched to correct this issue. Affected: 2008.0, 2008.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:097 Risk factor : Medium CVSS Score: 4.6
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1671 1019924 http://www.securitytracker.com/id?1019924 28938 http://www.securityfocus.com/bid/28938 29951 http://secunia.com/advisories/29951 29977 http://secunia.com/advisories/29977 30113 http://secunia.com/advisories/30113 ADV-2008-1370 http://www.vupen.com/english/advisories/2008/1370/references GLSA-200804-30 http://security.gentoo.org/glsa/glsa-200804-30.xml MDVSA-2008:097 http://www.mandriva.com/security/advisories?name=MDVSA-2008:097 SUSE-SR:2008:011 http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html USN-608-1 http://www.ubuntu.com/usn/usn-608-1 ftp://ftp.kde.org/pub/kde/security_patches/post-kde-3.5.5-kinit.diff http://www.kde.org/info/security/advisory-20080426-2.txt kde-startkdeinit-privilege-escalation(42039) https://exchange.xforce.ibmcloud.com/vulnerabilities/42039
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com