Test Kennung:	1.3.6.1.4.1.25623.1.0.54623
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200407-16 (Kernel)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200407-16.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200407-16. Vulnerability Insight: Multiple permission vulnerabilities have been found in the Linux kernel, allowing an attacker to change the group IDs of files mounted on a remote filesystem (CVE-2004-0497), as well as an issue in 2.6 series kernels which allows /proc permissions to be bypassed. A context sharing vulnerability in vserver-sources is also handled by this advisory as well as CVE-2004-0447, CVE-2004-0496 and CVE-2004-0565. Patched, or updated versions of these kernels have been released and details are included along with this advisory. Solution: Users are encouraged to upgrade to the latest available sources for their system: # emerge sync # emerge -pv your-favorite-sources # emerge your-favorite-sources # # Follow usual procedure for compiling and installing a kernel. # # If you use genkernel, run genkernel as you would do normally. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0447 BugTraq ID: 10783 http://www.securityfocus.com/bid/10783 Computer Incident Advisory Center Bulletin: O-193 http://www.ciac.org/ciac/bulletins/o-193.shtml Debian Security Information: DSA-1067 (Google Search) http://www.debian.org/security/2006/dsa-1067 Debian Security Information: DSA-1069 (Google Search) http://www.debian.org/security/2006/dsa-1069 Debian Security Information: DSA-1070 (Google Search) http://www.debian.org/security/2006/dsa-1070 Debian Security Information: DSA-1082 (Google Search) http://www.debian.org/security/2006/dsa-1082 http://security.gentoo.org/glsa/glsa-200407-16.xml http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10918 http://www.redhat.com/support/errata/RHSA-2004-413.html http://secunia.com/advisories/20162 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 SGI Security Advisory: 20040804-01-U ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc XForce ISS Database: linux-ia64-dos(16661) https://exchange.xforce.ibmcloud.com/vulnerabilities/16661 Common Vulnerability Exposure (CVE) ID: CVE-2004-0496 SuSE Security Announcement: SUSE-SA:2004:020 (Google Search) http://www.novell.com/linux/security/advisories/2004_20_kernel.html XForce ISS Database: linux-gain-privileges(16625) https://exchange.xforce.ibmcloud.com/vulnerabilities/16625 Common Vulnerability Exposure (CVE) ID: CVE-2004-0497 Conectiva Linux advisory: CLA-2004:852 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867 http://www.redhat.com/support/errata/RHSA-2004-354.html http://www.redhat.com/support/errata/RHSA-2004-360.html XForce ISS Database: linux-fchown-groupid-modify(16599) https://exchange.xforce.ibmcloud.com/vulnerabilities/16599 Common Vulnerability Exposure (CVE) ID: CVE-2004-0565 BugTraq ID: 10687 http://www.securityfocus.com/bid/10687 http://www.mandriva.com/security/advisories?name=MDKSA-2004:066 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714 http://www.redhat.com/support/errata/RHSA-2004-504.html XForce ISS Database: linux-ia64-info-disclosure(16644) https://exchange.xforce.ibmcloud.com/vulnerabilities/16644
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.