Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.69990 |
Kategorie: | Debian Local Security Checks |
Titel: | Debian Security Advisory DSA 2281-1 (opie) |
Zusammenfassung: | The remote host is missing an update to opie;announced via advisory DSA 2281-1. |
Beschreibung: | Summary: The remote host is missing an update to opie announced via advisory DSA 2281-1. Vulnerability Insight: Sebastian Krahmer discovered that opie, a system that makes it simple to use One-Time passwords in applications, is prone to a privilege escalation (CVE-2011-2490) and an off-by-one error, which can lead to the execution of arbitrary code (CVE-2011-2489). Adam Zabrocki and Maksymilian Arciemowicz also discovered another off-by-one error (CVE-2010-1938), which only affects the lenny version as the fix was already included for squeeze. For the oldstable distribution (lenny), these problems have been fixed in version 2.32-10.2+lenny2. For the stable distribution (squeeze), these problems have been fixed in version 2.32.dfsg.1-0.2+squeeze1 The testing distribution (wheezy) and the unstable distribution (sid) do not contain opie. Solution: We recommend that you upgrade your opie packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-2489 BugTraq ID: 48390 http://www.securityfocus.com/bid/48390 Debian Security Information: DSA-2281 (Google Search) http://www.debian.org/security/2011/dsa-2281 http://www.openwall.com/lists/oss-security/2011/06/22/6 http://www.openwall.com/lists/oss-security/2011/06/23/5 http://secunia.com/advisories/45136 http://secunia.com/advisories/45448 SuSE Security Announcement: SUSE-SU-2011:0849 (Google Search) https://hermes.opensuse.org/messages/10082068 SuSE Security Announcement: openSUSE-SU-2011:0848 (Google Search) https://hermes.opensuse.org/messages/10082052 Common Vulnerability Exposure (CVE) ID: CVE-2011-2490 http://secunia.com/advisories/39966 Common Vulnerability Exposure (CVE) ID: CVE-2010-1938 BugTraq ID: 40403 http://www.securityfocus.com/bid/40403 http://www.exploit-db.com/exploits/12762 FreeBSD Security Advisory: FreeBSD-SA-10:05 http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc http://blog.pi3.com.pl/?p=111 http://site.pi3.com.pl/adv/libopie-adv.txt http://securitytracker.com/id?1024040 http://securitytracker.com/id?1025709 http://secunia.com/advisories/39963 http://securityreason.com/securityalert/7450 http://securityreason.com/achievement_securityalert/87 |
Copyright | Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |