Test Kennung:	1.3.6.1.4.1.25623.1.0.60811
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200804-11 (policyd-weight)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200804-11.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200804-11. Vulnerability Insight: policyd-weight uses temporary files in an insecure manner, allowing for a symlink attack. Solution: All policyd-weight users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-filter/policyd-weight-0.1.14.17' This version changes the default path for sockets to '/var/run/policyd-weight', which is only writable by a privileged user. Users need to restart policyd-weight immediately after the upgrade due to this change. CVSS Score: 3.3 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1569 BugTraq ID: 28480 http://www.securityfocus.com/bid/28480 Debian Security Information: DSA-1531 (Google Search) http://www.debian.org/security/2008/dsa-1531 http://security.gentoo.org/glsa/glsa-200804-11.xml http://www.osvdb.org/43888 http://secunia.com/advisories/29553 http://secunia.com/advisories/29738 XForce ISS Database: policydweight-sockets-symlink(41565) https://exchange.xforce.ibmcloud.com/vulnerabilities/41565
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.