Test Kennung:	1.3.6.1.4.1.25623.1.0.64996
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDVSA-2009:253 (backuppc)
Zusammenfassung:	The remote host is missing an update to backuppc;announced via advisory MDVSA-2009:253.
Beschreibung:	Summary: The remote host is missing an update to backuppc announced via advisory MDVSA-2009:253. Vulnerability Insight: A vulnerability was discovered and corrected in backuppc: CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then initiating a backup or restore (CVE-2009-3369). This update provides a fix for this vulnerability. Affected: Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3369 https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00729.html https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00694.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542218 http://osvdb.org/57236 http://secunia.com/advisories/36393 http://secunia.com/advisories/37161
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.