ID de Prueba:	1.3.6.1.4.1.25623.1.0.67565
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:122 (fastjar)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to fastjar announced via advisory MDVSA-2010:122. A vulnerability has been discovered and corrected in fastjar: Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a non-initial pathname component in a filename within a .jar archive, a related issue to CVE-2005-1080. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619 (CVE-2010-0831). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:122 Risk factor : High CVSS Score: 5.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1080 BugTraq ID: 13083 http://www.securityfocus.com/bid/13083 Bugtraq: 20050412 7a69Adv#23 - Jar tool directory transversal vulnerability (Google Search) http://marc.info/?l=bugtraq&m=111331593310508&w=2 http://www.mandriva.com/security/advisories?name=MDVSA-2015:212 http://www.securiteam.com/securitynews/5IP0C0AFGW.html http://marc.info/?l=oss-security&m=127603032617644&w=2 http://marc.info/?l=oss-security&m=127602564508766&w=2 RedHat Security Advisories: RHSA-2015:0806 http://rhn.redhat.com/errata/RHSA-2015-0806.html RedHat Security Advisories: RHSA-2015:0807 http://rhn.redhat.com/errata/RHSA-2015-0807.html RedHat Security Advisories: RHSA-2015:0808 http://rhn.redhat.com/errata/RHSA-2015-0808.html RedHat Security Advisories: RHSA-2015:0809 http://rhn.redhat.com/errata/RHSA-2015-0809.html RedHat Security Advisories: RHSA-2015:0854 http://rhn.redhat.com/errata/RHSA-2015-0854.html RedHat Security Advisories: RHSA-2015:0857 http://rhn.redhat.com/errata/RHSA-2015-0857.html RedHat Security Advisories: RHSA-2015:0858 http://rhn.redhat.com/errata/RHSA-2015-0858.html RedHat Security Advisories: RHSA-2015:1006 http://rhn.redhat.com/errata/RHSA-2015-1006.html RedHat Security Advisories: RHSA-2015:1007 http://rhn.redhat.com/errata/RHSA-2015-1007.html RedHat Security Advisories: RHSA-2015:1020 http://rhn.redhat.com/errata/RHSA-2015-1020.html RedHat Security Advisories: RHSA-2015:1021 http://rhn.redhat.com/errata/RHSA-2015-1021.html RedHat Security Advisories: RHSA-2015:1091 http://rhn.redhat.com/errata/RHSA-2015-1091.html http://secunia.com/advisories/14902 Common Vulnerability Exposure (CVE) ID: CVE-2006-3619 BugTraq ID: 15669 http://www.securityfocus.com/bid/15669 Debian Security Information: DSA-1170 (Google Search) http://www.debian.org/security/2006/dsa-1170 http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://security.gentoo.org/glsa/glsa-200711-23.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:066 http://www.osvdb.org/21337 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9617 http://www.redhat.com/support/errata/RHSA-2007-0220.html RedHat Security Advisories: RHSA-2007:0473 http://rhn.redhat.com/errata/RHSA-2007-0473.html http://www.securitytracker.com/id?1017987 http://secunia.com/advisories/17839 http://secunia.com/advisories/21100 http://secunia.com/advisories/21797 http://secunia.com/advisories/25098 http://secunia.com/advisories/25281 http://secunia.com/advisories/25633 http://secunia.com/advisories/25894 http://secunia.com/advisories/26909 http://secunia.com/advisories/27706 http://secunia.com/advisories/29334 SGI Security Advisory: 20070602-01-P ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc http://www.vupen.com/english/advisories/2005/2686 http://www.vupen.com/english/advisories/2006/2866 http://www.vupen.com/english/advisories/2007/3229 XForce ISS Database: gnugcc-fastjar-directory-traversal(27806) https://exchange.xforce.ibmcloud.com/vulnerabilities/27806 Common Vulnerability Exposure (CVE) ID: CVE-2010-0831 BugTraq ID: 41006 http://www.securityfocus.com/bid/41006 http://security.gentoo.org/glsa/glsa-201209-21.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:122 http://marc.info/?l=oss-security&m=127602731712034&w=2 http://www.osvdb.org/65467 http://www.redhat.com/support/errata/RHSA-2011-0025.html http://secunia.com/advisories/42892 http://secunia.com/advisories/50786 http://www.vupen.com/english/advisories/2010/1553 http://www.vupen.com/english/advisories/2011/0121
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.