Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2009:126-1 (eggdrop)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.66484
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2009:126-1 (eggdrop)
Resumen:	The remote host is missing an update to eggdrop;announced via advisory MDVSA-2009:126-1.
Descripción:	Summary: The remote host is missing an update to eggdrop announced via advisory MDVSA-2009:126-1. Vulnerability Insight: mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807 (CVE-2009-1789). Update: Packages for 2008.0 are being provided due to extended support for Corporate products. Affected: 2008.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2807 BugTraq ID: 24070 http://www.securityfocus.com/bid/24070 Debian Security Information: DSA-1448 (Google Search) http://www.debian.org/security/2008/dsa-1448 Debian Security Information: DSA-1826 (Google Search) http://www.debian.org/security/2009/dsa-1826 https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00336.html https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00348.html http://security.gentoo.org/glsa/glsa-200709-07.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:175 http://www.eggheads.org/bugzilla/show_bug.cgi?id=462 http://osvdb.org/36237 http://securitytracker.com/id?1018700 http://secunia.com/advisories/25276 http://secunia.com/advisories/26727 http://secunia.com/advisories/26826 http://secunia.com/advisories/27989 http://secunia.com/advisories/28347 http://secunia.com/advisories/35690 Common Vulnerability Exposure (CVE) ID: CVE-2009-1789 BugTraq ID: 34985 http://www.securityfocus.com/bid/34985 Bugtraq: 20090515 eggdrop/windrop remote crash vulnerability (Google Search) http://www.securityfocus.com/archive/1/503574 https://www.exploit-db.com/exploits/8695 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01333.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01337.html http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0129.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:126 http://osvdb.org/54460 http://secunia.com/advisories/35104 http://secunia.com/advisories/35158 http://www.vupen.com/english/advisories/2009/1340 XForce ISS Database: eggdrop-servmsg-dos(50547) https://exchange.xforce.ibmcloud.com/vulnerabilities/50547
Copyright	Copyright (C) 2009 E-Soft Inc.