Test Kennung:	1.3.6.1.4.1.25623.1.0.54564
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200405-04 (openoffice)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory GLSA 200405-04. Several format string vulnerabilities are present in the Neon library included in OpenOffice.org, allowing remote execution of arbitrary code when connected to an untrusted WebDAV server. Solution: There is no Ximian OpenOffice.org binary version including the fix yet. All users of the openoffice-ximian-bin package making use of the WebDAV openoffice-ximian source-based package should: # emerge sync # emerge -pv '>=app-office/openoffice-VERSION' # emerge '>=app-office/openoffice-VERSION' openoffice users on x86 should use version: 1.1.1-r1 openoffice users on sparc should use version: 1.1.0-r3 openoffice users on ppc should use version: 1.0.3-r1 openoffice-ximian users should use version: 1.1.51-r1 openoffice-bin users should use version: 1.1.2 http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200405-04 http://bugs.gentoo.org/show_bug.cgi?id=47926 http://www.gentoo.org/security/en/glsa/glsa-200405-01.xml CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 10136 Common Vulnerability Exposure (CVE) ID: CVE-2004-0179 http://www.securityfocus.com/bid/10136 Bugtraq: 20040416 [OpenPKG-SA-2004.016] OpenPKG Security Advisory (neon) (Google Search) http://marc.info/?l=bugtraq&m=108213873203477&w=2 Bugtraq: 20040416 void.at - neon format string bugs (Google Search) http://marc.info/?l=bugtraq&m=108214147022626&w=2 Debian Security Information: DSA-487 (Google Search) http://www.debian.org/security/2004/dsa-487 https://bugzilla.fedora.us/show_bug.cgi?id=1552 http://security.gentoo.org/glsa/glsa-200405-01.xml http://security.gentoo.org/glsa/glsa-200405-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:032 http://www.osvdb.org/5365 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1065 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10913 http://www.redhat.com/support/errata/RHSA-2004-157.html http://www.redhat.com/support/errata/RHSA-2004-158.html http://www.redhat.com/support/errata/RHSA-2004-159.html http://www.redhat.com/support/errata/RHSA-2004-160.html http://secunia.com/advisories/11363 SGI Security Advisory: 20040404-01-U ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc SuSE Security Announcement: SuSE-SA:2004:008 (Google Search) http://lists.suse.com/archive/suse-security-announce/2004-Apr/0003.html SuSE Security Announcement: SuSE-SA:2004:009 (Google Search) http://lists.suse.com/archive/suse-security-announce/2004-Apr/0002.html
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.