ID de Prueba:	1.3.6.1.4.1.25623.1.0.59893
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:1059
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:1059. PCRE is a Perl-compatible regular expression library. Flaws were discovered in the way PCRE handles certain malformed regular expressions. If an application linked against PCRE, such as Konqueror, parses a malicious regular expression, it may have been possible to run arbitrary code as the user running the application. (CVE-2006-7225, CVE-2006-7226, CVE-2006-7228, CVE-2006-7230) Users of PCRE are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Red Hat would like to thank Ludwig Nussel for reporting these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-1059.html http://www.redhat.com/security/updates/classification/#important Risk factor : High CVSS Score: 6.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-7225 BugTraq ID: 26725 http://www.securityfocus.com/bid/26725 http://www.mandriva.com/security/advisories?name=MDVSA-2008:030 https://bugzilla.redhat.com/show_bug.cgi?id=384761 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10985 http://www.redhat.com/support/errata/RHSA-2007-1059.html http://www.redhat.com/support/errata/RHSA-2007-1068.html http://secunia.com/advisories/28041 http://secunia.com/advisories/28658 SuSE Security Announcement: SUSE-SA:2008:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html Common Vulnerability Exposure (CVE) ID: CVE-2006-7226 BugTraq ID: 26727 http://www.securityfocus.com/bid/26727 https://bugzilla.redhat.com/show_bug.cgi?id=384781 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11545 XForce ISS Database: pcre-library-subpattern-dos(40020) https://exchange.xforce.ibmcloud.com/vulnerabilities/40020 Common Vulnerability Exposure (CVE) ID: CVE-2006-7228 BugTraq ID: 26462 http://www.securityfocus.com/bid/26462 Bugtraq: 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates (Google Search) http://www.securityfocus.com/archive/1/488457/100/0/threaded Bugtraq: 20080416 VMSA-2008-0007 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus (Google Search) http://www.securityfocus.com/archive/1/490917/100/0/threaded Debian Security Information: DSA-1570 (Google Search) http://www.debian.org/security/2008/dsa-1570 http://security.gentoo.org/glsa/glsa-200711-30.xml http://security.gentoo.org/glsa/glsa-200801-02.xml http://security.gentoo.org/glsa/glsa-200801-18.xml http://security.gentoo.org/glsa/glsa-200801-19.xml http://security.gentoo.org/glsa/glsa-200802-10.xml http://security.gentoo.org/glsa/glsa-200805-11.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:012 http://bugs.gentoo.org/show_bug.cgi?id=198976 http://scary.beasts.org/security/CESA-2007-006.html https://bugzilla.redhat.com/show_bug.cgi?id=383371 http://lists.vmware.com/pipermail/security-announce/2008/000005.html http://lists.vmware.com/pipermail/security-announce/2008/000014.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10810 http://www.redhat.com/support/errata/RHSA-2007-1063.html http://www.redhat.com/support/errata/RHSA-2007-1065.html http://www.redhat.com/support/errata/RHSA-2007-1076.html http://www.redhat.com/support/errata/RHSA-2007-1077.html http://www.redhat.com/support/errata/RHSA-2008-0546.html http://secunia.com/advisories/27582 http://secunia.com/advisories/27741 http://secunia.com/advisories/27773 http://secunia.com/advisories/27776 http://secunia.com/advisories/28027 http://secunia.com/advisories/28050 http://secunia.com/advisories/28406 http://secunia.com/advisories/28414 http://secunia.com/advisories/28714 http://secunia.com/advisories/28720 http://secunia.com/advisories/29032 http://secunia.com/advisories/29085 http://secunia.com/advisories/29785 http://secunia.com/advisories/30106 http://secunia.com/advisories/30155 http://secunia.com/advisories/30219 http://secunia.com/advisories/31124 SuSE Security Announcement: SUSE-SA:2007:062 (Google Search) http://www.novell.com/linux/security/advisories/2007_62_pcre.html http://www.vupen.com/english/advisories/2008/0637 http://www.vupen.com/english/advisories/2008/1234/references Common Vulnerability Exposure (CVE) ID: CVE-2006-7230 BugTraq ID: 26550 http://www.securityfocus.com/bid/26550 https://bugzilla.redhat.com/show_bug.cgi?id=384801 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10911
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.