Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2009:278 (compiz-fusion-plugins-main)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.66034

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDVSA-2009:278 (compiz-fusion-plugins-main)

Resumen: The remote host is missing an update to compiz-fusion-plugins-main;announced via advisory MDVSA-2009:278.

Descripción: Summary:
The remote host is missing an update to compiz-fusion-plugins-main
announced via advisory MDVSA-2009:278.

Vulnerability Insight:
A vulnerability has been found and corrected in
compiz-fusion-plugins-main:

The Expo plugin in Compiz Fusion 0.7.8 allows local users with physical
access to drag the screen saver aside and access the locked desktop
by using Expo mouse shortcuts, a related issue to CVE-2007-3920
(CVE-2008-6514).

This update fixes this vulnerability.

Affected: 2009.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:H/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-3920
BugTraq ID: 26188
http://www.securityfocus.com/bid/26188
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00811.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00841.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10192
http://www.redhat.com/support/errata/RHSA-2008-0485.html
http://secunia.com/advisories/27381
http://secunia.com/advisories/28627
http://secunia.com/advisories/30329
http://secunia.com/advisories/30715
SuSE Security Announcement: SUSE-SA:2008:027 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html
http://www.ubuntu.com/usn/usn-537-1
http://www.ubuntu.com/usn/usn-537-2
XForce ISS Database: gnomescreensaver-compiz-security-bypass(37410)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37410
Common Vulnerability Exposure (CVE) ID: CVE-2008-6514
BugTraq ID: 32712
http://www.securityfocus.com/bid/32712
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00860.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00878.html
https://bugs.launchpad.net/ubuntu/+source/compiz-fusion-plugins-main/+bug/247088
http://secunia.com/advisories/33077
http://secunia.com/advisories/34465
XForce ISS Database: compizfusion-expo-security-bypass(47172)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47172

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.66034
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2009:278 (compiz-fusion-plugins-main)
Resumen:	The remote host is missing an update to compiz-fusion-plugins-main;announced via advisory MDVSA-2009:278.
Descripción:	Summary: The remote host is missing an update to compiz-fusion-plugins-main announced via advisory MDVSA-2009:278. Vulnerability Insight: A vulnerability has been found and corrected in compiz-fusion-plugins-main: The Expo plugin in Compiz Fusion 0.7.8 allows local users with physical access to drag the screen saver aside and access the locked desktop by using Expo mouse shortcuts, a related issue to CVE-2007-3920 (CVE-2008-6514). This update fixes this vulnerability. Affected: 2009.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 6.2 CVSS Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3920 BugTraq ID: 26188 http://www.securityfocus.com/bid/26188 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00811.html https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00841.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10192 http://www.redhat.com/support/errata/RHSA-2008-0485.html http://secunia.com/advisories/27381 http://secunia.com/advisories/28627 http://secunia.com/advisories/30329 http://secunia.com/advisories/30715 SuSE Security Announcement: SUSE-SA:2008:027 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html http://www.ubuntu.com/usn/usn-537-1 http://www.ubuntu.com/usn/usn-537-2 XForce ISS Database: gnomescreensaver-compiz-security-bypass(37410) https://exchange.xforce.ibmcloud.com/vulnerabilities/37410 Common Vulnerability Exposure (CVE) ID: CVE-2008-6514 BugTraq ID: 32712 http://www.securityfocus.com/bid/32712 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00860.html https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00878.html https://bugs.launchpad.net/ubuntu/+source/compiz-fusion-plugins-main/+bug/247088 http://secunia.com/advisories/33077 http://secunia.com/advisories/34465 XForce ISS Database: compizfusion-expo-security-bypass(47172) https://exchange.xforce.ibmcloud.com/vulnerabilities/47172
Copyright	Copyright (C) 2009 E-Soft Inc.