Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2009:155 (git)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.64457

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDVSA-2009:155 (git)

Resumen: The remote host is missing an update to git;announced via advisory MDVSA-2009:155.

Descripción: Summary:
The remote host is missing an update to git
announced via advisory MDVSA-2009:155.

Vulnerability Insight:
A vulnerability has been found and corrected in git:

git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to
cause a denial of service (infinite loop and CPU consumption) via a
request containing extra unrecognized arguments (CVE-2009-2108).

This update provides fixes for this vulnerability.

Affected: 2009.1

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-2108
BugTraq ID: 35338
http://www.securityfocus.com/bid/35338
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01045.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01126.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01056.html
http://security.gentoo.org/glsa/glsa-200907-05.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:155
http://article.gmane.org/gmane.comp.version-control.git/120733
http://thread.gmane.org/gmane.comp.version-control.git/120724
https://www.redhat.com/archives/fedora-security-list/2009-June/msg00000.html
http://www.openwall.com/lists/oss-security/2009/06/12/1
http://osvdb.org/55034
http://www.securitytracker.com/id?1022398
http://secunia.com/advisories/35437
http://secunia.com/advisories/35730
http://www.vupen.com/english/advisories/2009/1579
XForce ISS Database: gitdaemon-xinetd-dos(51083)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51083

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.64457
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2009:155 (git)
Resumen:	The remote host is missing an update to git;announced via advisory MDVSA-2009:155.
Descripción:	Summary: The remote host is missing an update to git announced via advisory MDVSA-2009:155. Vulnerability Insight: A vulnerability has been found and corrected in git: git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments (CVE-2009-2108). This update provides fixes for this vulnerability. Affected: 2009.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2108 BugTraq ID: 35338 http://www.securityfocus.com/bid/35338 https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01045.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01126.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01056.html http://security.gentoo.org/glsa/glsa-200907-05.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:155 http://article.gmane.org/gmane.comp.version-control.git/120733 http://thread.gmane.org/gmane.comp.version-control.git/120724 https://www.redhat.com/archives/fedora-security-list/2009-June/msg00000.html http://www.openwall.com/lists/oss-security/2009/06/12/1 http://osvdb.org/55034 http://www.securitytracker.com/id?1022398 http://secunia.com/advisories/35437 http://secunia.com/advisories/35730 http://www.vupen.com/english/advisories/2009/1579 XForce ISS Database: gitdaemon-xinetd-dos(51083) https://exchange.xforce.ibmcloud.com/vulnerabilities/51083
Copyright	Copyright (C) 2009 E-Soft Inc.