Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2012:044 (cvs)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72030

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2012:044 (cvs)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to cvs
announced via advisory MDVSA-2012:044.

A vulnerability has been found and corrected in cvs:

A heap-based buffer overflow flaw was found in the way the CVS client
handled responses from HTTP proxies. A malicious HTTP proxy could
use this flaw to cause the CVS client to crash or, possibly, execute
arbitrary code with the privileges of the user running the CVS client
(CVE-2012-0804).

The updated packages have been patched to correct this issue.

Affected: 2010.1, 2011., Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2012:044

Risk factor : High

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-0804
BugTraq ID: 51943
http://www.securityfocus.com/bid/51943
Debian Security Information: DSA-2407 (Google Search)
http://www.debian.org/security/2012/dsa-2407
https://security.gentoo.org/glsa/201701-44
http://www.mandriva.com/security/advisories?name=MDVSA-2012:044
https://bugzilla.redhat.com/show_bug.cgi?id=784141
http://www.osvdb.org/78987
RedHat Security Advisories: RHSA-2012:0321
http://rhn.redhat.com/errata/RHSA-2012-0321.html
http://www.securitytracker.com/id?1026719
http://secunia.com/advisories/47869
http://secunia.com/advisories/48063
http://secunia.com/advisories/48142
http://secunia.com/advisories/48150
SuSE Security Announcement: openSUSE-SU-2012:0310 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-02/msg00064.html
http://ubuntu.com/usn/usn-1371-1
XForce ISS Database: cvs-proxyconnect-bo(73097)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73097

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72030
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2012:044 (cvs)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to cvs announced via advisory MDVSA-2012:044. A vulnerability has been found and corrected in cvs: A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client (CVE-2012-0804). The updated packages have been patched to correct this issue. Affected: 2010.1, 2011., Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2012:044 Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0804 BugTraq ID: 51943 http://www.securityfocus.com/bid/51943 Debian Security Information: DSA-2407 (Google Search) http://www.debian.org/security/2012/dsa-2407 https://security.gentoo.org/glsa/201701-44 http://www.mandriva.com/security/advisories?name=MDVSA-2012:044 https://bugzilla.redhat.com/show_bug.cgi?id=784141 http://www.osvdb.org/78987 RedHat Security Advisories: RHSA-2012:0321 http://rhn.redhat.com/errata/RHSA-2012-0321.html http://www.securitytracker.com/id?1026719 http://secunia.com/advisories/47869 http://secunia.com/advisories/48063 http://secunia.com/advisories/48142 http://secunia.com/advisories/48150 SuSE Security Announcement: openSUSE-SU-2012:0310 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-02/msg00064.html http://ubuntu.com/usn/usn-1371-1 XForce ISS Database: cvs-proxyconnect-bo(73097) https://exchange.xforce.ibmcloud.com/vulnerabilities/73097
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com