Test Kennung:	1.3.6.1.4.1.25623.1.0.121082
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 201312-01
Zusammenfassung:	Gentoo Linux Local Security Checks GLSA 201312-01
Beschreibung:	Summary: Gentoo Linux Local Security Checks GLSA 201312-01 Vulnerability Insight: Multiple vulnerabilities have been discovered in GNU C Library. Please review the CVE identifiers referenced below for details. Solution: Update the affected packages to the latest available version. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-5029 20111203 VSFTPD Remote Heap Overrun (low severity) http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html [libc-alpha] 20111215 integer overflow to heap overrun exploit in glibc http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/ http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2 https://bugzilla.redhat.com/show_bug.cgi?id=761245 Common Vulnerability Exposure (CVE) ID: CVE-2010-3847 20101018 The GNU C library dynamic linker expands $ORIGIN in setuid library search path http://seclists.org/fulldisclosure/2010/Oct/257 20101019 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path http://seclists.org/fulldisclosure/2010/Oct/292 20101020 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path http://seclists.org/fulldisclosure/2010/Oct/294 20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap http://www.securityfocus.com/archive/1/515545/100/0/threaded 42787 http://secunia.com/advisories/42787 44024 https://www.exploit-db.com/exploits/44024/ 44025 https://www.exploit-db.com/exploits/44025/ 44154 http://www.securityfocus.com/bid/44154 ADV-2011-0025 http://www.vupen.com/english/advisories/2011/0025 DSA-2122 http://www.debian.org/security/2010/dsa-2122 GLSA-201011-01 http://security.gentoo.org/glsa/glsa-201011-01.xml MDVSA-2010:207 http://www.mandriva.com/security/advisories?name=MDVSA-2010:207 RHSA-2010:0787 https://rhn.redhat.com/errata/RHSA-2010-0787.html RHSA-2010:0872 http://www.redhat.com/support/errata/RHSA-2010-0872.html SUSE-SA:2010:052 https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html USN-1009-1 http://www.ubuntu.com/usn/USN-1009-1 VU#537223 http://www.kb.cert.org/vuls/id/537223 [libc-hacker] 20101018 [PATCH] Never expand $ORIGIN in privileged programs http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html http://support.avaya.com/css/P8/documents/100120941 http://www.vmware.com/security/advisories/VMSA-2011-0001.html https://bugzilla.redhat.com/show_bug.cgi?id=643306 Common Vulnerability Exposure (CVE) ID: CVE-2011-0536 1025289 http://securitytracker.com/id?1025289 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console http://www.securityfocus.com/archive/1/520102/100/0/threaded 43830 http://secunia.com/advisories/43830 43989 http://secunia.com/advisories/43989 46397 http://secunia.com/advisories/46397 ADV-2011-0863 http://www.vupen.com/english/advisories/2011/0863 DSA-2122-2 http://lists.debian.org/debian-security-announce/2011/msg00005.html MDVSA-2011:178 http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 RHSA-2011:0412 http://www.redhat.com/support/errata/RHSA-2011-0412.html RHSA-2011:0413 http://www.redhat.com/support/errata/RHSA-2011-0413.html USN-1009-2 http://www.ubuntu.com/usn/USN-1009-2 [oss-security] 20110203 CVE request: glibc CVE-2010-3847 fix regression http://openwall.com/lists/oss-security/2011/02/01/3 [oss-security] 20110203 Re: CVE request: glibc CVE-2010-3847 fix regression http://openwall.com/lists/oss-security/2011/02/03/2 http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=667974 https://launchpad.net/bugs/701783 oval:org.mitre.oval:def:13086 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086 Common Vulnerability Exposure (CVE) ID: CVE-2011-1071 1025290 http://securitytracker.com/id?1025290 20110224 glibc and alloca() http://seclists.org/fulldisclosure/2011/Feb/635 20110226 Re: glibc and alloca() http://seclists.org/fulldisclosure/2011/Feb/644 43492 http://secunia.com/advisories/43492 46563 http://www.securityfocus.com/bid/46563 8175 http://securityreason.com/securityalert/8175 [oss-security] 20110228 Re: cve request: eglibc memory corruption http://openwall.com/lists/oss-security/2011/02/28/11 http://openwall.com/lists/oss-security/2011/02/28/15 [oss-security] 20110228 cve request: eglibc memory corruption http://openwall.com/lists/oss-security/2011/02/26/3 http://bugs.debian.org/615120 http://code.google.com/p/chromium/issues/detail?id=48733 http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html http://sourceware.org/bugzilla/show_bug.cgi?id=11883 http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=f15ce4d8dc139523fe0c273580b604b2453acba6 https://bugzilla.redhat.com/show_bug.cgi?id=681054 oval:org.mitre.oval:def:12853 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12853 Common Vulnerability Exposure (CVE) ID: CVE-2011-1089 46740 http://www.securityfocus.com/bid/46740 MDVSA-2011:179 http://www.mandriva.com/security/advisories?name=MDVSA-2011:179 RHSA-2011:1526 http://www.redhat.com/support/errata/RHSA-2011-1526.html [oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/04/11 [oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/04/9 [oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/04/10 http://openwall.com/lists/oss-security/2011/03/04/12 [oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/05/3 http://openwall.com/lists/oss-security/2011/03/05/7 [oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/07/9 [oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/14/16 http://openwall.com/lists/oss-security/2011/03/14/5 http://openwall.com/lists/oss-security/2011/03/14/7 [oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/15/6 [oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/22/4 http://openwall.com/lists/oss-security/2011/03/22/6 [oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/31/3 http://openwall.com/lists/oss-security/2011/03/31/4 [oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/04/01/2 http://sourceware.org/bugzilla/show_bug.cgi?id=12625 https://bugzilla.redhat.com/show_bug.cgi?id=688980 Common Vulnerability Exposure (CVE) ID: CVE-2011-1095 1025286 http://securitytracker.com/id?1025286 43976 http://secunia.com/advisories/43976 [oss-security] 20110308 Re: glibc locale escaping issue http://openwall.com/lists/oss-security/2011/03/08/21 http://openwall.com/lists/oss-security/2011/03/08/22 [oss-security] 20110308 glibc locale escaping issue http://openwall.com/lists/oss-security/2011/03/08/8 http://bugs.gentoo.org/show_bug.cgi?id=330923 http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904 http://sourceware.org/bugzilla/show_bug.cgi?id=11904 http://sourceware.org/git/?p=glibc.git%3Ba=patch%3Bh=026373745eab50a683536d950cb7e17dc98c4259 https://bugzilla.redhat.com/show_bug.cgi?id=625893 oval:org.mitre.oval:def:12272 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272 Common Vulnerability Exposure (CVE) ID: CVE-2011-1658 Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search) http://sourceware.org/bugzilla/show_bug.cgi?id=12393 XForce ISS Database: gnuclibrary-ldso-priv-esc(66820) https://exchange.xforce.ibmcloud.com/vulnerabilities/66820 Common Vulnerability Exposure (CVE) ID: CVE-2011-1659 http://www.securitytracker.com/id?1025450 http://secunia.com/advisories/44353 XForce ISS Database: gnuclibrary-fnmatch-dos(66819) https://exchange.xforce.ibmcloud.com/vulnerabilities/66819 Common Vulnerability Exposure (CVE) ID: CVE-2012-0864 52201 http://www.securityfocus.com/bid/52201 RHSA-2012:0393 http://rhn.redhat.com/errata/RHSA-2012-0393.html RHSA-2012:0397 http://rhn.redhat.com/errata/RHSA-2012-0397.html RHSA-2012:0488 http://rhn.redhat.com/errata/RHSA-2012-0488.html RHSA-2012:0531 http://rhn.redhat.com/errata/RHSA-2012-0531.html [libc-alpha] 20120202 [PATCH] vfprintf: validate nargs and positional offsets http://sourceware.org/ml/libc-alpha/2012-02/msg00023.html http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=7c1f4834d398163d1ac8101e35e9c36fc3176e6e http://www.phrack.org/issues.html?issue=67&id=9#article https://bugzilla.redhat.com/show_bug.cgi?id=794766
Copyright	Copyright (C) 2015 Eero Volotinen

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.