Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200708-03 (libarchive)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58538

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200708-03 (libarchive)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory GLSA 200708-03.

Multiple vulnerabilities were found in libarchive (formerly named as
app-archive/bsdtar), possibly allowing for the execution of arbitrary code
or a Denial of Service.

Solution:
All libarchive or bsdtar users should upgrade to the latest libarchive
version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-arch/libarchive-2.2.4'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200708-03
http://bugs.gentoo.org/show_bug.cgi?id=184984

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-3641
BugTraq ID: 24885
http://www.securityfocus.com/bid/24885
Debian Security Information: DSA-1455 (Google Search)
http://www.debian.org/security/2008/dsa-1455
FreeBSD Security Advisory: FreeBSD-SA-07:05.libarchive
http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc
http://security.gentoo.org/glsa/glsa-200708-03.xml
http://security.freebsd.org/patches/SA-07:05/libarchive.patch
http://osvdb.org/38092
http://www.securitytracker.com/id?1018379
http://secunia.com/advisories/26050
http://secunia.com/advisories/26062
http://secunia.com/advisories/26355
http://secunia.com/advisories/28377
SuSE Security Announcement: SUSE-SR:2007:015 (Google Search)
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.vupen.com/english/advisories/2007/2521
XForce ISS Database: freebsd-libarchive-pax-bo(35405)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35405
Common Vulnerability Exposure (CVE) ID: CVE-2007-3644
CERT/CC vulnerability note: VU#970849
http://www.kb.cert.org/vuls/id/970849
http://osvdb.org/38093
http://osvdb.org/38094
XForce ISS Database: freebsd-libarchive-pax-dos(35402)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35402
Common Vulnerability Exposure (CVE) ID: CVE-2007-3645
XForce ISS Database: freebsd-libarchive-null-pax-dos(35404)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35404

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58538
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200708-03 (libarchive)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory GLSA 200708-03. Multiple vulnerabilities were found in libarchive (formerly named as app-archive/bsdtar), possibly allowing for the execution of arbitrary code or a Denial of Service. Solution: All libarchive or bsdtar users should upgrade to the latest libarchive version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-arch/libarchive-2.2.4' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200708-03 http://bugs.gentoo.org/show_bug.cgi?id=184984 CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3641 BugTraq ID: 24885 http://www.securityfocus.com/bid/24885 Debian Security Information: DSA-1455 (Google Search) http://www.debian.org/security/2008/dsa-1455 FreeBSD Security Advisory: FreeBSD-SA-07:05.libarchive http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc http://security.gentoo.org/glsa/glsa-200708-03.xml http://security.freebsd.org/patches/SA-07:05/libarchive.patch http://osvdb.org/38092 http://www.securitytracker.com/id?1018379 http://secunia.com/advisories/26050 http://secunia.com/advisories/26062 http://secunia.com/advisories/26355 http://secunia.com/advisories/28377 SuSE Security Announcement: SUSE-SR:2007:015 (Google Search) http://www.novell.com/linux/security/advisories/2007_15_sr.html http://www.vupen.com/english/advisories/2007/2521 XForce ISS Database: freebsd-libarchive-pax-bo(35405) https://exchange.xforce.ibmcloud.com/vulnerabilities/35405 Common Vulnerability Exposure (CVE) ID: CVE-2007-3644 CERT/CC vulnerability note: VU#970849 http://www.kb.cert.org/vuls/id/970849 http://osvdb.org/38093 http://osvdb.org/38094 XForce ISS Database: freebsd-libarchive-pax-dos(35402) https://exchange.xforce.ibmcloud.com/vulnerabilities/35402 Common Vulnerability Exposure (CVE) ID: CVE-2007-3645 XForce ISS Database: freebsd-libarchive-null-pax-dos(35404) https://exchange.xforce.ibmcloud.com/vulnerabilities/35404
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com