The remote host is missing updates announced in
advisory GLSA 200606-30.
A security vulnerability in the iaxclient library could lead to the
execution of arbitrary code by a remote attacker.
Solution:
All Kiax users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/kiax-0.8.5_p1'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200606-30
http://bugs.gentoo.org/show_bug.cgi?id=136099
Risk factor : Medium
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-2923
Bugtraq: 20060609 CORE-2006-0327: IAXclient truncated frames vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/archive/1/436638/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200606-30.xml
BugTraq ID: 18307
http://www.securityfocus.com/bid/18307
http://www.frsirt.com/english/advisories/2006/2286
http://www.frsirt.com/english/advisories/2006/2284
http://www.frsirt.com/english/advisories/2006/2285
http://www.frsirt.com/english/advisories/2006/2180
http://secunia.com/advisories/20466
http://secunia.com/advisories/20623
http://secunia.com/advisories/20560
http://secunia.com/advisories/20567
http://secunia.com/advisories/20900
Fuente: www.securityspace.com
sábado, 17 de febrero de 2007
Gentoo Security Advisory GLSA 200606-30 (kiax)
Etiquetas:
SEGURIDAD INFORMATICA
Suscribirse a:
Comentarios de la entrada (Atom)
No hay comentarios.:
Publicar un comentario