Test Kennung:	1.3.6.1.4.1.25623.1.0.51500
Kategorie:	Conectiva Local Security Checks
Titel:	Conectiva Security Advisory CLA-2002:463
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory CLA-2002:463. UUCP is a Unix to Unix transfer mechanism. It is used primarily for remote sites to download and upload email and news files to local machines. zen-parse found[1] a vulnerability in the command-line argument handling of uucp which could be exploited by a local user to obtain uucp uid/gid. This vulnerability was supposed to be fixed in the CLSA-2001:425 announcement[2], but zen-parse found[3] the used patch was not totally effective. Security precautions were not being enforced for all command line options variants, such as --confi for --config or -c which are synonymous due to the way getopt() works. The upstream uucp author, Ian Lance Taylor, provided a patch to solve this vulnerability. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.securityfocus.com/archive/1/212892 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000425&idioma=en http://www.securityfocus.com/archive/1/251168 http://www.securityspace.com/smysecure/catid.html?in=CLA-2002:463 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002002 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.