ID de Prueba:	1.3.6.1.4.1.25623.1.0.63447
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2009:055 (audacity)
Resumen:	The remote host is missing an update to audacity;announced via advisory MDVSA-2009:055.
Descripción:	Summary: The remote host is missing an update to audacity announced via advisory MDVSA-2009:055. Vulnerability Insight: A vulnerability has been identified and corrected in audacity: Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string (CVE-2009-0490). The updated packages have been patched to prevent this. Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0490 BugTraq ID: 33090 http://www.securityfocus.com/bid/33090 https://www.exploit-db.com/exploits/7634 http://n2.nabble.com/Audacity-%22String_parse::get_nonspace_quoted()%22-Buffer-Overflow-td2139537.html http://osvdb.org/51070 http://secunia.com/advisories/33356 SuSE Security Announcement: SUSE-SR:2009:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://www.vupen.com/english/advisories/2009/0008
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.