|
Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2005:031: opera Vulnerability Scan
Vulnerability Scan Summary Check for the version of the opera package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2005:031 (opera).
The commercial web browser Opera has been updated to the 8.0 version,
fixing all currently known security problems, including:
- CVE-2005-0235: IDN cloaking / homograph attack allows easy
spoofing of domain names.
- CVE-2005-0456: Opera did not validate base64 encoded binary in data:
URLs correctly.
- CVE-2005-1139: Opera showed the Organizational Information of SSL
certificates which could be easily spoofed and be used for phishing
attacks.
A full Changelog can be found on:
http://www.opera.com/linux/changelogs/800/
Solution : http://www.suse.de/security/advisories/2005_31_opera.html
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|