Test Kennung:	1.3.6.1.4.1.25623.1.0.70506
Kategorie:	Mandrake Local Security Checks
Titel:	Mandriva Security Advisory MDVSA-2011:152 (ncompress)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to ncompress announced via advisory MDVSA-2011:152. A vulnerability has been found and corrected in ncompress: An integer underflow leading to array index error was found in the way gzip used to decompress files / archives, compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. A remote attacker could provide a specially-crafted LZW compressed gzip archive, which once decompressed by a local, unsuspecting user would lead to gzip crash, or, potentially to arbitrary code execution with the privileges of the user running gzip (CVE-2010-0001). The updated packages have been upgraded to the 4.2.4.4 version which is not vulnerable to this issue. Affected: 2010.1, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2011:152 Risk factor : High
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0001 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html Debian Security Information: DSA-1974 (Google Search) http://www.debian.org/security/2010/dsa-1974 Debian Security Information: DSA-2074 (Google Search) http://www.debian.org/security/2010/dsa-2074 HPdes Security Advisory: HPSBMA02554 http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083 HPdes Security Advisory: SSRT100018 http://www.mandriva.com/security/advisories?name=MDVSA-2010:019 http://www.mandriva.com/security/advisories?name=MDVSA-2010:020 http://www.mandriva.com/security/advisories?name=MDVSA-2011:152 http://www.osvdb.org/61869 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10546 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7511 http://www.redhat.com/support/errata/RHSA-2010-0061.html RedHat Security Advisories: RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html http://securitytracker.com/id?1023490 http://secunia.com/advisories/38220 http://secunia.com/advisories/38223 http://secunia.com/advisories/38225 http://secunia.com/advisories/38232 http://secunia.com/advisories/40551 http://secunia.com/advisories/40655 http://secunia.com/advisories/40689 SuSE Security Announcement: SUSE-SA:2010:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://www.ubuntu.com/usn/USN-889-1 http://www.vupen.com/english/advisories/2010/0185 http://www.vupen.com/english/advisories/2010/1796 http://www.vupen.com/english/advisories/2010/1872
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.