ID de Prueba:	1.3.6.1.4.1.25623.1.0.54572
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200405-12 (cvs)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory GLSA 200405-12. CVS is subject to a heap overflow vulnerability allowing source repository compromise. Solution: All users running a CVS server should upgrade to the latest stable version: # emerge sync # emerge -pv '>=dev-util/cvs-1.11.16' # emerge '>=dev-util/cvs-1.11.16' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200405-12 http://bugs.gentoo.org/show_bug.cgi?id=51460 http://security.e-matters.de/advisories/072004.html CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	BugTraq ID: 10384 Common Vulnerability Exposure (CVE) ID: CVE-2004-0396 http://www.securityfocus.com/bid/10384 Bugtraq: 20040519 Advisory 07/2004: CVS remote vulnerability (Google Search) http://cert.uni-stuttgart.de/archive/bugtraq/2004/05/msg00219.html http://marc.info/?l=bugtraq&m=108498454829020&w=2 Bugtraq: 20040519 [OpenPKG-SA-2004.022] OpenPKG Security Advisory (cvs) (Google Search) http://marc.info/?l=bugtraq&m=108500040719512&w=2 Cert/CC Advisory: TA04-147A http://www.us-cert.gov/cas/techalerts/TA04-147A.html CERT/CC vulnerability note: VU#192038 http://www.kb.cert.org/vuls/id/192038 Computer Incident Advisory Center Bulletin: O-147 http://www.ciac.org/ciac/bulletins/o-147.shtml Debian Security Information: DSA-505 (Google Search) http://www.debian.org/security/2004/dsa-505 http://marc.info/?l=bugtraq&m=108636445031613&w=2 FreeBSD Security Advisory: FreeBSD-SA-04:10 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0980.html http://security.gentoo.org/glsa/glsa-200405-12.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:048 http://security.e-matters.de/advisories/072004.html NETBSD Security Advisory: NetBSD-SA2004-008 ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-008.txt.asc OpenBSD Security Advisory: 20040520 cvs server buffer overflow vulnerability http://marc.info/?l=openbsd-security-announce&m=108508894405639&w=2 http://www.osvdb.org/6305 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9058 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A970 http://www.redhat.com/support/errata/RHSA-2004-190.html http://secunia.com/advisories/11641 http://secunia.com/advisories/11647 http://secunia.com/advisories/11651 http://secunia.com/advisories/11652 http://secunia.com/advisories/11674 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.395865 SuSE Security Announcement: SuSE-SA:2004:013 (Google Search) http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021742.html XForce ISS Database: cvs-entry-line-bo(16193) https://exchange.xforce.ibmcloud.com/vulnerabilities/16193
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.