Test ID:	1.3.6.1.4.1.25623.1.0.831513
Category:	Mandrake Local Security Checks
Title:	Mandriva Update for libarchive MDVSA-2011:190 (libarchive)
Summary:	The remote host is missing an update for the 'libarchive'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'libarchive' package(s) announced via the referenced advisory. Vulnerability Insight: Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2011-1777, CVE-2011-1778). The updated packages have been patched to correct these issues. Affected Software/OS: libarchive on Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1777 48034 http://secunia.com/advisories/48034 APPLE-SA-2012-05-09-1 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html DSA-2413 http://www.debian.org/security/2012/dsa-2413 RHSA-2011:1507 https://rhn.redhat.com/errata/RHSA-2011-1507.html http://code.google.com/p/libarchive/source/detail?r=3158 http://support.apple.com/kb/HT5281 https://bugzilla.redhat.com/show_bug.cgi?id=705849 Common Vulnerability Exposure (CVE) ID: CVE-2011-1778 http://code.google.com/p/libarchive/source/detail?r=3160
Copyright	Copyright (C) 2011 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.