
Test ID: 1.3.6.1.4.1.25623.1.0.51436
Category: Conectiva Local Security Checks
Title: Conectiva Security Advisory CLA-2003:693
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory CLA-2003:693.

PAM is the authentication system used in Linux. The system is made up of
several authentication modules, and pam_xauth is one of them. This module
can be used to forward X credentials from one user to another in order to
share an X display. It is particularly useful in applications such as su.

Andreas Beck discovered[1] a vulnerability in the use of pam_xauth by
the su utility. If the attacker can make one user run su from an X
session, he can steal the X credentials and execute programs in the X
display of the user running su. The worst scenario is the one where
an administrator, logged in as root, uses su to switch to an account
belonging to an attacker.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2002-1160 to this issue[2].

This update contains a patch that adds ACL (Access Control List)
functionality to pam_xauth and does not forward the X credentials
from the root user by default.


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'.

http://marc.theaimsgroup.com/?l=bugtraq&m=104431622818954&w=2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1160
http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:693
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003

Risk factor : High

CVSS Score: 7.2

Cross reference: BugTraq ID: 6753
Common Vulnerability Exposure (CVE) ID: CVE-2002-1160
http://www.securityfocus.com/bid/6753
Bugtraq: 20021214 BDT_AV200212140001: Insecure default: Using pam_xauth for su from sh-utils package (Google Search)
http://marc.info/?l=bugtraq&m=104431622818954&w=2
CERT/CC vulnerability note: VU#911505
http://www.kb.cert.org/vuls/id/911505
Conectiva Linux advisory: CLA-2003:693
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000693
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:017
http://www.redhat.com/support/errata/RHSA-2003-028.html
http://www.redhat.com/support/errata/RHSA-2003-035.html
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55760
http://www.iss.net/security_center/static/11254.php
Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com
