Test Kennung:	1.3.6.1.4.1.25623.1.0.60404
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDVSA-2008:049 (nss_ldap)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to nss_ldap announced via advisory MDVSA-2008:049. A race condition in nss_ldap, when used in applications that use pthread and fork after a call to nss_ldap, does not properly handle the LDAP connection, which might cause nss_ldap to return the wrong user data to the wrong process, giving one user access to data belonging to another user, in some cases. The updated package hais been patched to prevent this issue. Affected: 2007.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:049 Risk factor : Medium CVSS Score: 4.3
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5794 1020088 http://www.securitytracker.com/id?1020088 20080212 FLEA-2008-0003-1 nss_ldap http://www.securityfocus.com/archive/1/487985/100/0/threaded 26452 http://www.securityfocus.com/bid/26452 27670 http://secunia.com/advisories/27670 27768 http://secunia.com/advisories/27768 27839 http://secunia.com/advisories/27839 28061 http://secunia.com/advisories/28061 28838 http://secunia.com/advisories/28838 29083 http://secunia.com/advisories/29083 30352 http://secunia.com/advisories/30352 31227 http://secunia.com/advisories/31227 31524 http://secunia.com/advisories/31524 DSA-1430 http://www.debian.org/security/2007/dsa-1430 GLSA-200711-33 http://security.gentoo.org/glsa/glsa-200711-33.xml MDVSA-2008:049 http://www.mandriva.com/security/advisories?name=MDVSA-2008:049 RHSA-2008:0389 http://www.redhat.com/support/errata/RHSA-2008-0389.html RHSA-2008:0715 http://www.redhat.com/support/errata/RHSA-2008-0715.html SUSE-SR:2008:003 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html [Dovecot] 20050303 hanging imap... and users getting other users' emails! http://www.dovecot.org/list/dovecot/2005-March/006345.html [Dovecot] 20050409 Authentication and the wrong mailbox? http://www.dovecot.org/list/dovecot/2005-April/006859.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453868 http://bugs.gentoo.org/show_bug.cgi?id=198390 http://support.avaya.com/elmodocs2/security/ASA-2008-332.htm http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0255 https://bugzilla.redhat.com/show_bug.cgi?id=154314 https://bugzilla.redhat.com/show_bug.cgi?id=367461 https://issues.rpath.com/browse/RPL-1913 nssldap-ldap-race-condition(38505) https://exchange.xforce.ibmcloud.com/vulnerabilities/38505 oval:org.mitre.oval:def:10625 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10625
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.