Test Kennung:	1.3.6.1.4.1.25623.1.0.54671
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200409-15 (Usermin)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200409-15.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200409-15. Vulnerability Insight: A vulnerability in the webmail function of Usermin could be used by an attacker to execute shell code via a specially-crafted e-mail. A bug in the installation script of Webmin and Usermin also allows a local user to execute a symlink attack at installation time. Solution: All Usermin users should upgrade to the latest version: # emerge sync # emerge -pv '>=app-admin/usermin-1.090' # emerge '>=app-admin/usermin-1.090' All Webmin users should upgrade to the latest version: # emerge sync # emerge -pv '>=app-admin/webmin-1.160' # emerge '>=app-admin/webmin-1.160' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0559 BugTraq ID: 11153 http://www.securityfocus.com/bid/11153 http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml http://secunia.com/advisories/12488/ XForce ISS Database: usermin-installation-unspecified(17299) https://exchange.xforce.ibmcloud.com/vulnerabilities/17299 Common Vulnerability Exposure (CVE) ID: CVE-2004-1468 BugTraq ID: 11122 http://www.securityfocus.com/bid/11122 http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/77_e.html XForce ISS Database: usermin-web-mail-command-execution(17293) https://exchange.xforce.ibmcloud.com/vulnerabilities/17293
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.