Test Kennung:	1.3.6.1.4.1.25623.1.0.66354
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Security Advisory (FreeBSD-SA-09:16.rtld.asc)
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-09:16.rtld.asc
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:16.rtld.asc Vulnerability Insight: The run-time link-editor, rtld, links dynamic executable with their needed libraries at run-time. It also allows users to explicitly load libraries via various LD_ environmental variables. When running setuid programs rtld will normally remove potentially dangerous environment variables. Due to recent changes in FreeBSD environment variable handling code, a corrupt environment may result in attempts to unset environment variables failing. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4146 BugTraq ID: 37154 http://www.securityfocus.com/bid/37154 Bugtraq: 20091130 ** FreeBSD local r00t zeroday (Google Search) http://www.securityfocus.com/archive/1/508142/100/0/threaded Bugtraq: 20091201 Re: ** FreeBSD local r00t zeroday (Google Search) http://www.securityfocus.com/archive/1/508168/100/0/threaded Bugtraq: 20091201 Upcoming FreeBSD Security Advisory (Google Search) http://www.securityfocus.com/archive/1/508146/100/0/threaded http://packetstormsecurity.com/files/152997/FreeBSD-rtld-execl-Privilege-Escalation.html http://www.securitytracker.com/id?1023250 http://secunia.com/advisories/37517
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.