Alert GCSA-07030 - Vulnerabilita' multiple in Netscape
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-07030
Data : 3 aprile 2007
Titolo : Vulnerabilita' multiple in Netscape
******************************************************************
: Descrizione del problema
Sono state riscontrate alcune vulnerabilita' in Netscape che potrebbero essere
sfruttate da un attaccante remoto per condurre attacchi di tipo
man-in-the-middle, spoofing e cross-site scripting, e potenzialmente
per compromettere il sistema vulnerabile.
: Piattaforme e software interessati
Netscape: versioni precedenti alla 8.1.3
: Impatto
DoS
Bypass delle restrizioni di sicurezza
Possibile compromissione del sistema
: Soluzioni
Aggiornare Netscape alla versione 8.1.3 :
http://browser.netscape.com/ns8/download/default.jsp
http://ftp.netscape.com/pub/netscape8...3/windows/win32/nsb-install-8-1-3.exe
: Riferimenti
Netscape:
http://browser.netscape.com/ns8/security/alerts.jsp
FrSIRT:
http://www.frsirt.com/english/advisories/2007/1198
Secunia:
http://secunia.com/advisories/24711/
CVE Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4253
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5747
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5748
-----BEGIN PGP SIGNATURE-----
iQCVAwUBRhJADvOB+SpikaiRAQIhTwQAnilP7nqE3o0FYh2EwlieA8L2fZDsmAv+
jTDIkiyRdesm+UPLTz3CVnct+ZjCs15BO9aBB+/HL4DHuVMROfwwMROE3je51EZ+
zMiwNUoehwSTGc2G1Lz1ad/3nUVERmdo6SfWpuG52TPBy3QznHNxAVeDiDIATETo
jDJT+CNo9pY=
=5jld
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-07030
Data : 3 aprile 2007
Titolo : Vulnerabilita' multiple in Netscape
******************************************************************
: Descrizione del problema
Sono state riscontrate alcune vulnerabilita' in Netscape che potrebbero essere
sfruttate da un attaccante remoto per condurre attacchi di tipo
man-in-the-middle, spoofing e cross-site scripting, e potenzialmente
per compromettere il sistema vulnerabile.
: Piattaforme e software interessati
Netscape: versioni precedenti alla 8.1.3
: Impatto
DoS
Bypass delle restrizioni di sicurezza
Possibile compromissione del sistema
: Soluzioni
Aggiornare Netscape alla versione 8.1.3 :
http://browser.netscape.com/ns8/download/default.jsp
http://ftp.netscape.com/pub/netscape8...3/windows/win32/nsb-install-8-1-3.exe
: Riferimenti
Netscape:
http://browser.netscape.com/ns8/security/alerts.jsp
FrSIRT:
http://www.frsirt.com/english/advisories/2007/1198
Secunia:
http://secunia.com/advisories/24711/
CVE Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4253
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5747
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5748
-----BEGIN PGP SIGNATURE-----
iQCVAwUBRhJADvOB+SpikaiRAQIhTwQAnilP7nqE3o0FYh2EwlieA8L2fZDsmAv+
jTDIkiyRdesm+UPLTz3CVnct+ZjCs15BO9aBB+/HL4DHuVMROfwwMROE3je51EZ+
zMiwNUoehwSTGc2G1Lz1ad/3nUVERmdo6SfWpuG52TPBy3QznHNxAVeDiDIATETo
jDJT+CNo9pY=
=5jld
-----END PGP SIGNATURE-----