Conectiva Local Security Checks : Conectiva Security Advisory CLA-2005:966 (cvs)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.53041

Categoría: Conectiva Local Security Checks

Título: Conectiva Security Advisory CLA-2005:966 (cvs)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory CLA-2005:966.

A buffer overflow exists in the processing of
version and author information in the cvs client
which allows a malicous cvs server to execute
arbitrary code on the system.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://www.cvshome.org
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000966

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: BugTraq ID: 13217
Common Vulnerability Exposure (CVE) ID: CVE-2005-0753
Debian Security Information: DSA-742 (Google Search)
http://www.debian.org/security/2005/dsa-742
http://www.gentoo.org/security/en/glsa/glsa-200504-16.xml
http://bugs.gentoo.org/attachment.cgi?id=54352&action=view
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9688
http://www.redhat.com/support/errata/RHSA-2005-387.html
http://secunia.com/advisories/14976/
SuSE Security Announcement: SUSE-SA:2005:024 (Google Search)
http://www.novell.com/linux/security/advisories/2005_24_cvs.html
XForce ISS Database: cvs-bo(20148)
https://exchange.xforce.ibmcloud.com/vulnerabilities/20148

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.53041
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLA-2005:966 (cvs)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLA-2005:966. A buffer overflow exists in the processing of version and author information in the cvs client which allows a malicous cvs server to execute arbitrary code on the system. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.cvshome.org http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000966 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 13217 Common Vulnerability Exposure (CVE) ID: CVE-2005-0753 Debian Security Information: DSA-742 (Google Search) http://www.debian.org/security/2005/dsa-742 http://www.gentoo.org/security/en/glsa/glsa-200504-16.xml http://bugs.gentoo.org/attachment.cgi?id=54352&action=view https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9688 http://www.redhat.com/support/errata/RHSA-2005-387.html http://secunia.com/advisories/14976/ SuSE Security Announcement: SUSE-SA:2005:024 (Google Search) http://www.novell.com/linux/security/advisories/2005_24_cvs.html XForce ISS Database: cvs-bo(20148) https://exchange.xforce.ibmcloud.com/vulnerabilities/20148
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com