1 2 3 4 5 6

Vulnerabilidades rss pdf

Coordinación de Seguridad de la Información - UNAM-CERT -- DGTIC-UNAM

Vulnerabilidad de Seguridad UNAM-CERT-2005-437 Actualización de Mandriva para Mozilla.

Mandriva liberó una actualización para Mozilla. Esta repara varias vulnerabilidades que pueden explotarse para manipular datos, burlar ciertas restricciones de seguridad, ataques de spoofing y comprometer el sistema de un usuario.

  • Fecha de Liberación: 27-Sep-2005
  • Ultima Revisión: 27-Sep-2005
  • Fuente:

    Mandriva Security Advisories.
    MDKSA-2005:170

  • CVE ID: CAN-2005-2701 CAN-2005-2702 CAN-2005-2703 CAN-2005-2704 CAN-2005-2705 CAN-2005-2706 CAN-2005-2707
  • Riesgo Altamente crítico
  • Problema de Vulnerabilidad Remoto
  • Tipo de Vulnerabilidad Múltiples vulnerabilidades

Sistemas Afectados

Mandrake 10.0 Mozilla Suite < 1.7.8
Mandrake CS3.0 Mozilla Suite < 1.7.8
  1. Descripción

    Mandriva liberó una actualización para Mozilla. Esta repara varias vulnerabilidades que pueden explotarse por personas maliciosas para manipular datos, burlar ciertas restricciones de seguridad, ataques de spoofing y comprometer el sistema de un usuario.

    Ver:
    Múltiples vulnerabilidades en Firefox.

  2. Impacto

    Security Bypass.

    Spoofing.

    Manipulación de datos.

    Acceso al sistema.

  3. Solución

    Instalar paquetes actualizados.

    Mandrakelinux 10.1
    
    98862a59fbf6d6eb5db05dd89cdd7a56 10.1/RPMS/libnspr4-1.7.8-0.3.101mdk.i586.rpm
    7b75d7436ddc167dc64b5361fbdf6851 10.1/RPMS/libnspr4-devel-1.7.8-0.3.101mdk.i586.rpm
    9e8eb18bea99ae419f5a1cab5ffef6b2 10.1/RPMS/libnss3-1.7.8-0.3.101mdk.i586.rpm
    7427a69600ffffa87f60603b3c603935 10.1/RPMS/libnss3-devel-1.7.8-0.3.101mdk.i586.rpm
    fe4003cfd5775a11a789dbb56282cea6 10.1/RPMS/mozilla-1.7.8-0.3.101mdk.i586.rpm
    b66c918e364a92ed461e598164adac76 10.1/RPMS/mozilla-devel-1.7.8-0.3.101mdk.i586.rpm
    1b5d1b456686b187ae7c3388a9591247 10.1/RPMS/mozilla-dom-inspector-1.7.8-0.3.101mdk.i586.rpm
    839c117682b0d888963511e88eaba2e9 10.1/RPMS/mozilla-enigmail-1.7.8-0.3.101mdk.i586.rpm
    a11a7c6afcb7c3fd2044c8b2f9a8bbc2 10.1/RPMS/mozilla-enigmime-1.7.8-0.3.101mdk.i586.rpm
    53eb2dc1a62352b2e17438c89418c527 10.1/RPMS/mozilla-irc-1.7.8-0.3.101mdk.i586.rpm
    0c249773876d3b8bf77c675f897bb6ff 10.1/RPMS/mozilla-js-debugger-1.7.8-0.3.101mdk.i586.rpm
    f6cfd1650616de8edf2c158ca8648c56 10.1/RPMS/mozilla-mail-1.7.8-0.3.101mdk.i586.rpm
    f521e0837986889581f026f734d1703f 10.1/RPMS/mozilla-spellchecker-1.7.8-0.3.101mdk.i586.rpm
    5c5d9bcb713136927980c374d8719ed4 10.1/SRPMS/mozilla-1.7.8-0.3.101mdk.src.rpm
    
    Mandrakelinux 10.1/X86_64
    
    ce6e99481e523896aea8cc1e91c51523 x86_64/10.1/RPMS/lib64nspr4-1.7.8-0.3.101mdk.x86_64.rpm
    fadccb049a886a1ddf8cf03920ea120f x86_64/10.1/RPMS/lib64nspr4-devel-1.7.8-0.3.101mdk.x86_64.rpm
    98862a59fbf6d6eb5db05dd89cdd7a56 x86_64/10.1/RPMS/libnspr4-1.7.8-0.3.101mdk.i586.rpm
    df7c4331144029e67bd9493571626aff x86_64/10.1/RPMS/lib64nss3-1.7.8-0.3.101mdk.x86_64.rpm
    bdd269e07644d46d4e380878bf0746e8 x86_64/10.1/RPMS/lib64nss3-devel-1.7.8-0.3.101mdk.x86_64.rpm
    9e8eb18bea99ae419f5a1cab5ffef6b2 x86_64/10.1/RPMS/libnss3-1.7.8-0.3.101mdk.i586.rpm
    da3d352c690a7fc91cb83dc49819cd2a x86_64/10.1/RPMS/mozilla-1.7.8-0.3.101mdk.x86_64.rpm
    b13b4dc501a6eff651a4ef6d3b371b44 x86_64/10.1/RPMS/mozilla-devel-1.7.8-0.3.101mdk.x86_64.rpm
    5b13733c766009ebfd0aca606ac224f2 x86_64/10.1/RPMS/mozilla-dom-inspector-1.7.8-0.3.101mdk.x86_64.rpm
    3dfab88b55900580d0588fd7c8a6e219 x86_64/10.1/RPMS/mozilla-enigmail-1.7.8-0.3.101mdk.x86_64.rpm
    e5892c4a8bd56b4a9cea3e8e21bc83b5 x86_64/10.1/RPMS/mozilla-enigmime-1.7.8-0.3.101mdk.x86_64.rpm
    84946972d12ce8109d41f9bbcc99a796 x86_64/10.1/RPMS/mozilla-irc-1.7.8-0.3.101mdk.x86_64.rpm
    ee060262c82cd51501b9645d9bb93c91 x86_64/10.1/RPMS/mozilla-js-debugger-1.7.8-0.3.101mdk.x86_64.rpm
    30cfa0281f3f6a2b6d25bfb1132f7b0d x86_64/10.1/RPMS/mozilla-mail-1.7.8-0.3.101mdk.x86_64.rpm
    fb3f368becb9ebe11c16dd41a299e59a x86_64/10.1/RPMS/mozilla-spellchecker-1.7.8-0.3.101mdk.x86_64.rpm
    5c5d9bcb713136927980c374d8719ed4 x86_64/10.1/SRPMS/mozilla-1.7.8-0.3.101mdk.src.rpm
    
    Corporate Server 3.0
    
    4d292376b2e472f830b5f4aa42068909 corporate/3.0/RPMS/libnspr4-1.7.8-0.3.C30mdk.i586.rpm
    be7ea7688875e5fe4ebed3c2102e8dfa corporate/3.0/RPMS/libnspr4-devel-1.7.8-0.3.C30mdk.i586.rpm
    1a2e78d8bc3730ee5247566cf9f6e451 corporate/3.0/RPMS/libnss3-1.7.8-0.3.C30mdk.i586.rpm
    8da9e0004e40168e2d14123d03ed412e corporate/3.0/RPMS/libnss3-devel-1.7.8-0.3.C30mdk.i586.rpm
    1a9ae203c7a92f7b28ed492b1a5b409f corporate/3.0/RPMS/mozilla-1.7.8-0.3.C30mdk.i586.rpm
    5c962618de8f8f32d51d408b9512e159 corporate/3.0/RPMS/mozilla-devel-1.7.8-0.3.C30mdk.i586.rpm
    b455b06389295360aca3d2d425b37167 corporate/3.0/RPMS/mozilla-dom-inspector-1.7.8-0.3.C30mdk.i586.rpm
    6545f2c00a2945b4876809e640af477f corporate/3.0/RPMS/mozilla-enigmail-1.7.8-0.3.C30mdk.i586.rpm
    484a08328be60b82fd7da351cfd2b27c corporate/3.0/RPMS/mozilla-enigmime-1.7.8-0.3.C30mdk.i586.rpm
    12485fa965a7d7e16b9499a049fa32d1 corporate/3.0/RPMS/mozilla-irc-1.7.8-0.3.C30mdk.i586.rpm
    651c02d92b878bbe72c3fb014928aad3 corporate/3.0/RPMS/mozilla-js-debugger-1.7.8-0.3.C30mdk.i586.rpm
    0e691e34a0507e43cc40290f4ee00664 corporate/3.0/RPMS/mozilla-mail-1.7.8-0.3.C30mdk.i586.rpm
    fc6fe3d8752b7fc011a9b423acbedddf corporate/3.0/RPMS/mozilla-spellchecker-1.7.8-0.3.C30mdk.i586.rpm
    63155b5fb6b43c0058cf1ca880707271 corporate/3.0/SRPMS/mozilla-1.7.8-0.3.C30mdk.src.rpm
    
    Corporate Server 3.0/X86_64
    
    bd7d2846823a5988f742d1a90b82592e x86_64/corporate/3.0/RPMS/lib64nspr4-1.7.8-0.3.C30mdk.x86_64.rpm
    f1e0909cca43f58ee6a27f29f6347ee1 x86_64/corporate/3.0/RPMS/lib64nspr4-devel-1.7.8-0.3.C30mdk.x86_64.rpm
    b753668e90a44fbcad600fbaf0375323 x86_64/corporate/3.0/RPMS/lib64nss3-1.7.8-0.3.C30mdk.x86_64.rpm
    0859991a0652bfa39041f7d8391ddca3 x86_64/corporate/3.0/RPMS/lib64nss3-devel-1.7.8-0.3.C30mdk.x86_64.rpm
    e88886fad7ac2d94725a00df8674da33 x86_64/corporate/3.0/RPMS/mozilla-1.7.8-0.3.C30mdk.x86_64.rpm
    1c3f3ae94e4479b1f57645be562c060b x86_64/corporate/3.0/RPMS/mozilla-devel-1.7.8-0.3.C30mdk.x86_64.rpm
    2d7875c006f17c48c19487ca60891ec3 x86_64/corporate/3.0/RPMS/mozilla-dom-inspector-1.7.8-0.3.C30mdk.x86_64.rpm
    5018aa698bd6007b886da4c87e15a675 x86_64/corporate/3.0/RPMS/mozilla-enigmail-1.7.8-0.3.C30mdk.x86_64.rpm
    22d583ca004e599529dc205cce7dec75 x86_64/corporate/3.0/RPMS/mozilla-enigmime-1.7.8-0.3.C30mdk.x86_64.rpm
    42edd5f3f1ff285f3995e2e8dec60c58 x86_64/corporate/3.0/RPMS/mozilla-irc-1.7.8-0.3.C30mdk.x86_64.rpm
    d7a2e219ad7d083cd174268322e91bfe x86_64/corporate/3.0/RPMS/mozilla-js-debugger-1.7.8-0.3.C30mdk.x86_64.rpm
    408444bc05b4e98c9f478651f66101a5 x86_64/corporate/3.0/RPMS/mozilla-mail-1.7.8-0.3.C30mdk.x86_64.rpm
    bba893fa0db446e56405ca330e417f23 x86_64/corporate/3.0/RPMS/mozilla-spellchecker-1.7.8-0.3.C30mdk.x86_64.rpm
    63155b5fb6b43c0058cf1ca880707271 x86_64/corporate/3.0/SRPMS/mozilla-1.7.8-0.3.C30mdk.src.rpm
    

    Para actualizar automaticamente utilice MandrakeUpdate.

  4. Apéndices

    Mayor información.

    http://www.mandriva.com/security/advisories-name=MDKSA-2005:170
    http://www.seguridad.unam.mx/vulnerabilidadesDB-vulne=4781

La Coordinación de Seguridad de la Información/UNAM-CERT agradece el apoyo en la elaboración ó traducción y revisión de éste Documento a:

  • Floriberto López Velázquez (flopez at seguridad dot unam dot mx)

UNAM-CERT
Equipo de Respuesta a Incidentes UNAM
Coordinación de Seguridad de la Información

incidentes at seguridad.unam.mx
phishing at seguridad.unam.mx
http://www.cert.org.mx
http://www.seguridad.unam.mx
ftp://ftp.seguridad.unam.mx
Tel: 56 22 81 69
Fax: 56 22 80 47


Universidad Nacional Autonoma de México Aviso legal |  Créditos |  Staff |  Administración
Copyright © Todos los derechos reservados
UNAM - CERT