ID de Prueba:	1.3.6.1.4.1.25623.1.0.52469
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: cvs+ipv6
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to the system as announced in the referenced advisory. The following package is affected: cvs+ipv6 CVE-2004-0180 The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405. CVE-2004-0405 CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180. Solution: Update your system with the appropriate patches or software upgrades. http://ccvs.cvshome.org/servlets/NewsItemView?newsID=102 http://www.vuxml.org/freebsd/0792e7a7-8e37-11d8-90d1-0020ed76ef5a.html CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0180 Debian Security Information: DSA-486 (Google Search) http://www.debian.org/security/2004/dsa-486 http://marc.info/?l=bugtraq&m=108636445031613&w=2 FreeBSD Security Advisory: FreeBSD-SA-04:07 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:07.cvs.asc http://security.gentoo.org/glsa/glsa-200404-13.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1042 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9462 http://www.redhat.com/support/errata/RHSA-2004-153.html http://www.redhat.com/support/errata/RHSA-2004-154.html http://secunia.com/advisories/11368 http://secunia.com/advisories/11371 http://secunia.com/advisories/11374 http://secunia.com/advisories/11375 http://secunia.com/advisories/11377 http://secunia.com/advisories/11380 http://secunia.com/advisories/11391 http://secunia.com/advisories/11400 http://secunia.com/advisories/11405 http://secunia.com/advisories/11548 SGI Security Advisory: 20040404-01-U ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.400181 SuSE Security Announcement: SuSE-SA:2004:008 (Google Search) XForce ISS Database: cvs-rcs-create-files(15864) https://exchange.xforce.ibmcloud.com/vulnerabilities/15864 Common Vulnerability Exposure (CVE) ID: CVE-2004-0405 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1060 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10818 XForce ISS Database: cvs-dotdot-directory-traversal(15891) https://exchange.xforce.ibmcloud.com/vulnerabilities/15891
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.