Test Kennung:	1.3.6.1.4.1.25623.1.0.123887
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2012-0902)
Zusammenfassung:	The remote host is missing an update for the 'cifs-utils' package(s) announced via the ELSA-2012-0902 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'cifs-utils' package(s) announced via the ELSA-2012-0902 advisory. Vulnerability Insight: [4.8.1-10] - mount.cifs: don't allow unprivileged users to mount onto dirs they can't chdir into (bz 812782) [4.8.1-9] - cifs.upcall: use krb5_sname_to_principal to construct principal name (bz 805490) [4.8.1-8] - mount.cifs: add backupuid=/backupgid= mount options (bz 806337) [4.8.1-7] - RFE: Improve selection of SPNs with cifs.upcall (bz 748757) - mount.cifs does not use KRB5_CONFIG (bz 748756) [creates additional entries in /etc/mtab (bz 770004)] - mount.cifs does not honor the uid/gid=username option, only the uid/gid=# option (bz 796463) [4.8.1-6] - undocumented mount.cifs options (bz 769923) Affected Software/OS: 'cifs-utils' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1586 SUSE-SU-2012:0575 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00024.html [oss-security] 20120327 CVE id request: cifs-utils http://www.openwall.com/lists/oss-security/2012/03/27/1 [oss-security] 20120327 Re: CVE id request: cifs-utils http://www.openwall.com/lists/oss-security/2012/03/27/6 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665923 https://bugzilla.samba.org/show_bug.cgi?id=8821
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.