Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.51396 |
Kategorie: | Conectiva Local Security Checks |
Titel: | Conectiva Security Advisory CLA-2003:568 |
Zusammenfassung: | NOSUMMARY |
Beschreibung: | Description: The remote host is missing updates announced in advisory CLA-2003:568. Mozilla is an open-source web browser designed for standards compliance, performance and portability. This update addresses several vulnerabilities found after the mozilla 1.0rc2 release, wich was the last version sent as an official update[1] for Conectiva Linux distributions. A complete list of such vulnerabilities can be obtained in [2,3], and details about the most known ones in [5,6,7,8,9]. A remote attacker could exploit these vulnerabilities by creating malicious web pages that, when acessed, would crash the browser, potentially allow remote arbitrary code execution or cause some sort of unexpected behavior. The packages from this update are of Mozilla 1.2.1, which is the latest stable release[10] from mozilla.org and includes fixes for the known vulnerabilities. Besides the security fixes, it also includes several new features and other minor corrections. The vulnerabilities aforementioned also affect the Galeon web browser, which uses the Mozilla engine. Galeon is being updated to the version 1.2.7 in Conectiva Linux 8, but not in Conectiva Linux 6.0 and 7.0. The Galeon version distributed in these versions of Conectiva Linux was in its early stages of development and would not work with the new Mozilla packages. A new version of Galeon for these distributions would need many other updated packages and therefore will not be provided. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000490 http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html http://www.mozilla.org/projects/security/known-vulnerabilities.html http://online.securityfocus.com/bid/5665/discussion/ http://online.securityfocus.com/bid/5694/discussion/ http://online.securityfocus.com/bid/5757/discussion/ http://online.securityfocus.com/bid/5759/discussion/ http://online.securityfocus.com/bid/5762/discussion/ http://online.securityfocus.com/bid/5766/discussion/ http://www.mozilla.org/releases/mozilla1.2.1/ http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:568 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : High |
Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |