Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2008:200 (ed)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.61631

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDVSA-2008:200 (ed)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to ed
announced via advisory MDVSA-2008:200.

A heap-based buffer overflow was found in GNU ed that allowed
context-dependent or user-assisted attackers to execute arbitrary
code via a long filename (CVE-2008-3916).

This update provides GNU ed 1.0, which is not vulnerable to this issue.

Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:200

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-3916
BugTraq ID: 30815
http://www.securityfocus.com/bid/30815
Bugtraq: 20090227 VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console package ed (Google Search)
http://www.securityfocus.com/archive/1/501298/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00847.html
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00873.html
http://security.gentoo.org/glsa/glsa-200809-15.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:200
http://lists.gnu.org/archive/html/bug-ed/2008-08/msg00000.html
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10678
http://www.redhat.com/support/errata/RHSA-2008-0946.html
http://www.securitytracker.com/id?1020734
http://secunia.com/advisories/32349
http://secunia.com/advisories/32460
http://secunia.com/advisories/33005
http://secunia.com/advisories/38794
http://secunia.com/advisories/43068
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.vupen.com/english/advisories/2008/2642
http://www.vupen.com/english/advisories/2008/3347
http://www.vupen.com/english/advisories/2010/0528
http://www.vupen.com/english/advisories/2011/0212
XForce ISS Database: gnued-stripescapes-bo(44643)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44643

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.61631
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:200 (ed)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to ed announced via advisory MDVSA-2008:200. A heap-based buffer overflow was found in GNU ed that allowed context-dependent or user-assisted attackers to execute arbitrary code via a long filename (CVE-2008-3916). This update provides GNU ed 1.0, which is not vulnerable to this issue. Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:200 Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3916 BugTraq ID: 30815 http://www.securityfocus.com/bid/30815 Bugtraq: 20090227 VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console package ed (Google Search) http://www.securityfocus.com/archive/1/501298/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00847.html https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00873.html http://security.gentoo.org/glsa/glsa-200809-15.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:200 http://lists.gnu.org/archive/html/bug-ed/2008-08/msg00000.html http://lists.vmware.com/pipermail/security-announce/2010/000082.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10678 http://www.redhat.com/support/errata/RHSA-2008-0946.html http://www.securitytracker.com/id?1020734 http://secunia.com/advisories/32349 http://secunia.com/advisories/32460 http://secunia.com/advisories/33005 http://secunia.com/advisories/38794 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2008/2642 http://www.vupen.com/english/advisories/2008/3347 http://www.vupen.com/english/advisories/2010/0528 http://www.vupen.com/english/advisories/2011/0212 XForce ISS Database: gnued-stripescapes-bo(44643) https://exchange.xforce.ibmcloud.com/vulnerabilities/44643
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com