Test Kennung:	1.3.6.1.4.1.25623.1.0.54698
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200410-07 (ed)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200410-07.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200410-07. Vulnerability Insight: The ed utility is vulnerable to symlink attacks, potentially allowing a local user to overwrite or change rights on arbitrary files with the rights of the user running ed, which could be the root user. Solution: All ed users should upgrade to the latest version: # emerge sync # emerge -pv '>=sys-apps/ed-0.2-r4' # emerge '>=sys-apps/ed-0.2-r4' CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2000-1137 Bugtraq: 20001211 Immunix OS Security update for ed (Google Search) Conectiva Linux advisory: CLA-2000:359-2 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000359 Debian Security Information: 20001129 DSA-001-1 ed: symlink attack (Google Search) http://www.debian.org/security/2000/20001129 http://www.linux-mandrake.com/en/security/MDKSA-2000-076.php3 http://www.osvdb.org/6491 http://www.redhat.com/support/errata/RHSA-2000-123.html XForce ISS Database: gnu-ed-symlink(5723) https://exchange.xforce.ibmcloud.com/vulnerabilities/5723
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.