|
Test Kennung: | 1.3.6.1.4.1.25623.1.0.60904 |
Kategorie: | Mandrake Local Security Checks |
Titel: | Mandrake Security Advisory MDVSA-2008:096 (emacs) |
Zusammenfassung: | Mandrake Security Advisory MDVSA-2008:096 (emacs) |
Beschreibung: | Description: The remote host is missing an update to emacs announced via advisory MDVSA-2008:096. Steve Grubb found that the vcdiff script in Emacs create temporary files insecurely when used with SCCS. A local user could exploit a race condition to create or overwrite files with the privileges of the user invoking the program (CVE-2008-1694). The updated packages have been patched to correct this issue. Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:096 Risk factor : Medium CVSS Score: 4.6 |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-1694 http://www.mandriva.com/security/advisories?name=MDVSA-2008:096 http://www.ubuntulinux.org/support/documentation/usn/usn-607-1 BugTraq ID: 28857 http://www.securityfocus.com/bid/28857 http://www.vupen.com/english/advisories/2008/1309/references http://www.vupen.com/english/advisories/2008/1310/references http://www.securitytracker.com/id?1019909 http://secunia.com/advisories/29905 http://secunia.com/advisories/29926 http://secunia.com/advisories/30109 XForce ISS Database: xemacs-gnuemacs-vcdiff-symlink(41906) https://exchange.xforce.ibmcloud.com/vulnerabilities/41906 |
Copyright | Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 58962 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |
|