Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2008:213 (dbus)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.62914

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDVSA-2008:213 (dbus)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to dbus
announced via advisory MDVSA-2008:213.

The D-Bus library did not correctly validate certain corrupted
signatures which could cause a crash of applications linked against
the D-Bus library if a local user were to send a specially crafted
D-Bus request (CVE-2008-3834).

The updated packages have been patched to prevent this issue.

Affected: 2008.0, 2008.1, 2009.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:213

Risk factor : Medium

CVSS Score:
2.1

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-3834
1021063
http://www.securitytracker.com/id?1021063
31602
http://www.securityfocus.com/bid/31602
32127
http://secunia.com/advisories/32127
32230
http://secunia.com/advisories/32230
32281
http://secunia.com/advisories/32281
32385
http://secunia.com/advisories/32385
33396
http://secunia.com/advisories/33396
7822
https://www.exploit-db.com/exploits/7822
ADV-2008-2762
http://www.vupen.com/english/advisories/2008/2762
DSA-1658
http://www.debian.org/security/2008/dsa-1658
FEDORA-2008-8764
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html
MDVSA-2008:213
http://www.mandriva.com/security/advisories?name=MDVSA-2008:213
RHSA-2009:0008
http://www.redhat.com/support/errata/RHSA-2009-0008.html
SUSE-SR:2008:027
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html
USN-653-1
http://www.ubuntu.com/usn/usn-653-1
dbus-dbusvalidatesignaturewithreason-dos(45701)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45701
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a
https://bugs.freedesktop.org/show_bug.cgi?id=17803
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834
openSUSE-SU-2012:1418
http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html
oval:org.mitre.oval:def:10253
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.62914
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:213 (dbus)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to dbus announced via advisory MDVSA-2008:213. The D-Bus library did not correctly validate certain corrupted signatures which could cause a crash of applications linked against the D-Bus library if a local user were to send a specially crafted D-Bus request (CVE-2008-3834). The updated packages have been patched to prevent this issue. Affected: 2008.0, 2008.1, 2009.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:213 Risk factor : Medium CVSS Score: 2.1
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3834 1021063 http://www.securitytracker.com/id?1021063 31602 http://www.securityfocus.com/bid/31602 32127 http://secunia.com/advisories/32127 32230 http://secunia.com/advisories/32230 32281 http://secunia.com/advisories/32281 32385 http://secunia.com/advisories/32385 33396 http://secunia.com/advisories/33396 7822 https://www.exploit-db.com/exploits/7822 ADV-2008-2762 http://www.vupen.com/english/advisories/2008/2762 DSA-1658 http://www.debian.org/security/2008/dsa-1658 FEDORA-2008-8764 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00298.html MDVSA-2008:213 http://www.mandriva.com/security/advisories?name=MDVSA-2008:213 RHSA-2009:0008 http://www.redhat.com/support/errata/RHSA-2009-0008.html SUSE-SR:2008:027 http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html USN-653-1 http://www.ubuntu.com/usn/usn-653-1 dbus-dbusvalidatesignaturewithreason-dos(45701) https://exchange.xforce.ibmcloud.com/vulnerabilities/45701 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://www.freedesktop.org/wiki/Software/dbus#head-dad0dab297a44f1d7a3b1259cfc06b583fd6a88a https://bugs.freedesktop.org/show_bug.cgi?id=17803 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3834 openSUSE-SU-2012:1418 http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html oval:org.mitre.oval:def:10253 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10253
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com