
Test ID: 1.3.6.1.4.1.25623.1.0.880616
Category: CentOS Local Security Checks
Title: CentOS Update for gzip CESA-2010:0061 centos5 i386
Summary: The remote host is missing an update for the 'gzip' package(s) announced via the referenced advisory.
Description:

Vulnerability Insight:
The gzip package provides the GNU gzip data compression program.

An integer underflow flaw, leading to an array index error, was found in
the way gzip expanded archive files compressed with the Lempel-Ziv-Welch
(LZW) compression algorithm. If a victim expanded a specially-crafted
archive, it could cause gzip to crash or, potentially, execute arbitrary
code with the privileges of the user running gzip. This flaw only affects
64-bit systems. (CVE-2010-0001)

Red Hat would like to thank Aki Helin of the Oulu University Secure
Programming Group for responsibly reporting this flaw.

Users of gzip should upgrade to this updated package, which contains a
backported patch to correct this issue.

Affected Software/OS:
gzip on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2010-0001
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Debian Security Information: DSA-1974
http://www.debian.org/security/2010/dsa-1974
Debian Security Information: DSA-2074
http://www.debian.org/security/2010/dsa-2074
HPdes Security Advisory: HPSBMA02554
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
HPdes Security Advisory: SSRT100018
http://www.mandriva.com/security/advisories?name=MDVSA-2010:019
http://www.mandriva.com/security/advisories?name=MDVSA-2010:020
http://www.mandriva.com/security/advisories?name=MDVSA-2011:152
http://www.osvdb.org/61869
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10546
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7511
http://www.redhat.com/support/errata/RHSA-2010-0061.html
RedHat Security Advisories: RHSA-2010:0095
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://securitytracker.com/id?1023490
http://secunia.com/advisories/38220
http://secunia.com/advisories/38223
http://secunia.com/advisories/38225
http://secunia.com/advisories/38232
http://secunia.com/advisories/40551
http://secunia.com/advisories/40655
http://secunia.com/advisories/40689
SuSE Security Announcement: SUSE-SA:2010:008
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html
http://www.ubuntu.com/usn/USN-889-1
http://www.vupen.com/english/advisories/2010/0185
http://www.vupen.com/english/advisories/2010/1796
http://www.vupen.com/english/advisories/2010/1872
Copyright: Copyright (c) 2011 Greenbone Networks GmbH
