Test Kennung:	1.3.6.1.4.1.25623.1.0.67064
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2010:0144
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory RHSA-2010:0144. GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially-crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. (CVE-2010-0624) Red Hat would like to thank Jakob Lell for responsibly reporting the CVE-2010-0624 issue. A denial of service flaw was found in the way cpio expanded archive files. If a user expanded a specially-crafted archive, it could cause the cpio executable to crash. (CVE-2007-4476) Users of cpio are advised to upgrade to this updated package, which contains backported patches to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0144.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : High CVSS Score: 7.5
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4476 BugTraq ID: 26445 http://www.securityfocus.com/bid/26445 Debian Security Information: DSA-1438 (Google Search) http://www.debian.org/security/2007/dsa-1438 Debian Security Information: DSA-1566 (Google Search) http://www.debian.org/security/2008/dsa-1566 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00370.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00073.html http://security.gentoo.org/glsa/glsa-200711-18.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:197 http://www.mandriva.com/security/advisories?name=MDKSA-2007:233 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7114 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8599 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9336 http://www.redhat.com/support/errata/RHSA-2010-0141.html http://www.redhat.com/support/errata/RHSA-2010-0144.html http://secunia.com/advisories/26674 http://secunia.com/advisories/26987 http://secunia.com/advisories/27331 http://secunia.com/advisories/27453 http://secunia.com/advisories/27514 http://secunia.com/advisories/27681 http://secunia.com/advisories/27857 http://secunia.com/advisories/28255 http://secunia.com/advisories/29968 http://secunia.com/advisories/32051 http://secunia.com/advisories/33567 http://secunia.com/advisories/39008 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021680.1-1 SuSE Security Announcement: SUSE-SR:2007:018 (Google Search) http://www.novell.com/linux/security/advisories/2007_18_sr.html SuSE Security Announcement: SUSE-SR:2007:019 (Google Search) http://www.novell.com/linux/security/advisories/2007_19_sr.html http://www.ubuntu.com/usn/usn-650-1 http://www.ubuntu.com/usn/usn-709-1 http://www.vupen.com/english/advisories/2010/0628 http://www.vupen.com/english/advisories/2010/0629 Common Vulnerability Exposure (CVE) ID: CVE-2010-0624 Bugtraq: 20101027 rPSA-2010-0070-1 cpio tar (Google Search) http://www.securityfocus.com/archive/1/514503/100/0/threaded http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036668.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038134.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038149.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037395.html http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037401.html http://security.gentoo.org/glsa/glsa-201111-11.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:065 http://www.agrs.tu-berlin.de/index.php?id=78327 http://osvdb.org/62950 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10277 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6907 http://www.redhat.com/support/errata/RHSA-2010-0142.html http://www.redhat.com/support/errata/RHSA-2010-0145.html http://secunia.com/advisories/38869 http://secunia.com/advisories/38988 SuSE Security Announcement: SUSE-SR:2010:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html http://www.ubuntu.com/usn/USN-2456-1 http://www.vupen.com/english/advisories/2010/0639 http://www.vupen.com/english/advisories/2010/0687 http://www.vupen.com/english/advisories/2010/0728 http://www.vupen.com/english/advisories/2010/0729 http://www.vupen.com/english/advisories/2010/1107
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.