ID de Prueba:	1.3.6.1.4.1.25623.1.0.64642
Categoría:	SuSE Local Security Checks
Título:	SuSE Security Advisory SUSE-SA:2009:044 (subversion)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory SUSE-SA:2009:044. Subversion is a revision control system, which is mainly used for code development. The ibsvn_delta library is vulnerable to integer overflows while processing svndiff streams, this leads to overflows on the heap because of insufficient memory allocation. This bug can be exploited by clients with commit access to cause a remote denial-of-service or arbitrary code execution. It can also be exploited in the other direction from a server to a client that tries to do a checkout or update. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:044 CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2411 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html BugTraq ID: 35983 http://www.securityfocus.com/bid/35983 Bugtraq: 20090807 Subversion heap overflow (Google Search) http://archives.neohapsis.com/archives/bugtraq/2009-08/0056.html Debian Security Information: DSA-1855 (Google Search) http://www.debian.org/security/2009/dsa-1855 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00469.html https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00485.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:199 http://svn.haxx.se/dev/archive-2009-08/0110.shtml http://svn.haxx.se/dev/archive-2009-08/0108.shtml http://svn.haxx.se/dev/archive-2009-08/0107.shtml http://osvdb.org/56856 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11465 http://www.redhat.com/support/errata/RHSA-2009-1203.html http://www.securitytracker.com/id?1022697 http://secunia.com/advisories/36184 http://secunia.com/advisories/36224 http://secunia.com/advisories/36232 http://secunia.com/advisories/36257 http://secunia.com/advisories/36262 http://www.ubuntu.com/usn/usn-812-1 http://www.vupen.com/english/advisories/2009/2180 http://www.vupen.com/english/advisories/2009/3184 Common Vulnerability Exposure (CVE) ID: CVE-2009-2666 BugTraq ID: 35951 http://www.securityfocus.com/bid/35951 Bugtraq: 20090806 fetchmail security announcement fetchmail-SA-2009-01 (CVE-2009-2666) (Google Search) http://www.securityfocus.com/archive/1/505530/100/0/threaded Debian Security Information: DSA-1852 (Google Search) http://www.debian.org/security/2009/dsa-1852 http://www.mandriva.com/security/advisories?name=MDVSA-2009:201 http://marc.info/?l=oss-security&m=124949601207156&w=2 http://osvdb.org/56855 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11059 http://www.securitytracker.com/id?1022679 http://secunia.com/advisories/36175 http://secunia.com/advisories/36179 http://secunia.com/advisories/36236 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.543463 http://www.vupen.com/english/advisories/2009/2155
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.