Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2012:044 (cvs)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72030

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2012:044 (cvs)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to cvs
announced via advisory MDVSA-2012:044.

A vulnerability has been found and corrected in cvs:

A heap-based buffer overflow flaw was found in the way the CVS client
handled responses from HTTP proxies. A malicious HTTP proxy could
use this flaw to cause the CVS client to crash or, possibly, execute
arbitrary code with the privileges of the user running the CVS client
(CVE-2012-0804).

The updated packages have been patched to correct this issue.

Affected: 2010.1, 2011., Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:044

Risk factor : High

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-0804
1026719
http://www.securitytracker.com/id?1026719
47869
http://secunia.com/advisories/47869
48063
http://secunia.com/advisories/48063
48142
http://secunia.com/advisories/48142
48150
http://secunia.com/advisories/48150
51943
http://www.securityfocus.com/bid/51943
78987
http://www.osvdb.org/78987
DSA-2407
http://www.debian.org/security/2012/dsa-2407
GLSA-201701-44
https://security.gentoo.org/glsa/201701-44
MDVSA-2012:044
http://www.mandriva.com/security/advisories?name=MDVSA-2012:044
RHSA-2012:0321
http://rhn.redhat.com/errata/RHSA-2012-0321.html
USN-1371-1
http://ubuntu.com/usn/usn-1371-1
cvs-proxyconnect-bo(73097)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73097
https://bugzilla.redhat.com/show_bug.cgi?id=784141
openSUSE-SU-2012:0310
http://lists.opensuse.org/opensuse-updates/2012-02/msg00064.html

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72030
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2012:044 (cvs)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to cvs announced via advisory MDVSA-2012:044. A vulnerability has been found and corrected in cvs: A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client (CVE-2012-0804). The updated packages have been patched to correct this issue. Affected: 2010.1, 2011., Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:044 Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0804 1026719 http://www.securitytracker.com/id?1026719 47869 http://secunia.com/advisories/47869 48063 http://secunia.com/advisories/48063 48142 http://secunia.com/advisories/48142 48150 http://secunia.com/advisories/48150 51943 http://www.securityfocus.com/bid/51943 78987 http://www.osvdb.org/78987 DSA-2407 http://www.debian.org/security/2012/dsa-2407 GLSA-201701-44 https://security.gentoo.org/glsa/201701-44 MDVSA-2012:044 http://www.mandriva.com/security/advisories?name=MDVSA-2012:044 RHSA-2012:0321 http://rhn.redhat.com/errata/RHSA-2012-0321.html USN-1371-1 http://ubuntu.com/usn/usn-1371-1 cvs-proxyconnect-bo(73097) https://exchange.xforce.ibmcloud.com/vulnerabilities/73097 https://bugzilla.redhat.com/show_bug.cgi?id=784141 openSUSE-SU-2012:0310 http://lists.opensuse.org/opensuse-updates/2012-02/msg00064.html
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com