Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200608-24 (AlsaPlayer)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57874

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200608-24 (AlsaPlayer)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory GLSA 200608-24.

AlsaPlayer is vulnerable to multiple buffer overflows which could lead to
the execution of arbitrary code.

Solution:
AlsaPlayer has been masked in Portage pending the resolution of these
issues. AlsaPlayer users are advised to uninstall the package until
further notice:

# emerge --ask --unmerge 'media-sound/alsaplayer'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200608-24
http://bugs.gentoo.org/show_bug.cgi?id=143402
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-4089

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-4089
BugTraq ID: 19450
http://www.securityfocus.com/bid/19450
Bugtraq: 20060809 Multiple buffer-overflows in AlsaPlayer 0.99.76 (Google Search)
http://www.securityfocus.com/archive/1/442725/100/0/threaded
Debian Security Information: DSA-1179 (Google Search)
http://www.debian.org/security/2006/dsa-1179
http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0249.html
http://security.gentoo.org/glsa/glsa-200608-24.xml
http://aluigi.altervista.org/adv/alsapbof-adv.txt
http://www.osvdb.org/27883
http://www.osvdb.org/27884
http://www.osvdb.org/27885
http://secunia.com/advisories/21422
http://secunia.com/advisories/21639
http://secunia.com/advisories/21749
http://secunia.com/advisories/22018
http://securityreason.com/securityalert/1356
SuSE Security Announcement: SUSE-SR:2006:021 (Google Search)
http://www.novell.com/linux/security/advisories/2006_21_sr.html
http://www.vupen.com/english/advisories/2006/3235
XForce ISS Database: alsaplayer-cddblookup-bo(28308)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28308
XForce ISS Database: alsaplayer-gtkplaylist-bo(28307)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28307
XForce ISS Database: alsaplayer-reconnect-bo(28306)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28306

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57874
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200608-24 (AlsaPlayer)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory GLSA 200608-24. AlsaPlayer is vulnerable to multiple buffer overflows which could lead to the execution of arbitrary code. Solution: AlsaPlayer has been masked in Portage pending the resolution of these issues. AlsaPlayer users are advised to uninstall the package until further notice: # emerge --ask --unmerge 'media-sound/alsaplayer' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200608-24 http://bugs.gentoo.org/show_bug.cgi?id=143402 http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-4089 CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4089 BugTraq ID: 19450 http://www.securityfocus.com/bid/19450 Bugtraq: 20060809 Multiple buffer-overflows in AlsaPlayer 0.99.76 (Google Search) http://www.securityfocus.com/archive/1/442725/100/0/threaded Debian Security Information: DSA-1179 (Google Search) http://www.debian.org/security/2006/dsa-1179 http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0249.html http://security.gentoo.org/glsa/glsa-200608-24.xml http://aluigi.altervista.org/adv/alsapbof-adv.txt http://www.osvdb.org/27883 http://www.osvdb.org/27884 http://www.osvdb.org/27885 http://secunia.com/advisories/21422 http://secunia.com/advisories/21639 http://secunia.com/advisories/21749 http://secunia.com/advisories/22018 http://securityreason.com/securityalert/1356 SuSE Security Announcement: SUSE-SR:2006:021 (Google Search) http://www.novell.com/linux/security/advisories/2006_21_sr.html http://www.vupen.com/english/advisories/2006/3235 XForce ISS Database: alsaplayer-cddblookup-bo(28308) https://exchange.xforce.ibmcloud.com/vulnerabilities/28308 XForce ISS Database: alsaplayer-gtkplaylist-bo(28307) https://exchange.xforce.ibmcloud.com/vulnerabilities/28307 XForce ISS Database: alsaplayer-reconnect-bo(28306) https://exchange.xforce.ibmcloud.com/vulnerabilities/28306
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com