Test Kennung:	1.3.6.1.4.1.25623.1.0.67041
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 201003-01 (sudo)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 201003-01.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 201003-01. Vulnerability Insight: Two vulnerabilities in sudo might allow local users to escalate privileges and execute arbitrary code with root privileges. Solution: All sudo users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-admin/sudo-1.7.2_p4' CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0426 1023658 http://securitytracker.com/id?1023658 20101027 rPSA-2010-0075-1 sudo http://www.securityfocus.com/archive/1/514489/100/0/threaded 38362 http://www.securityfocus.com/bid/38362 38659 http://secunia.com/advisories/38659 38762 http://secunia.com/advisories/38762 38795 http://secunia.com/advisories/38795 38803 http://secunia.com/advisories/38803 38915 http://secunia.com/advisories/38915 39399 http://secunia.com/advisories/39399 ADV-2010-0450 http://www.vupen.com/english/advisories/2010/0450 ADV-2010-0949 http://www.vupen.com/english/advisories/2010/0949 DSA-2006 http://www.debian.org/security/2010/dsa-2006 FEDORA-2010-6701 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html FEDORA-2010-6749 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html GLSA-201003-01 http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml MDVSA-2010:049 http://www.mandriva.com/security/advisories?name=MDVSA-2010:049 SSA:2010-110-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019 SUSE-SR:2010:006 http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html USN-905-1 http://www.ubuntu.com/usn/USN-905-1 ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737 http://sudo.ws/bugs/show_bug.cgi?id=389 http://sudo.ws/repos/sudo/rev/88f3181692fe http://sudo.ws/repos/sudo/rev/f86e1b56d074 http://wiki.rpath.com/Advisories:rPSA-2010-0075 http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/ http://www.sudo.ws/sudo/stable.html oval:org.mitre.oval:def:10814 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814 oval:org.mitre.oval:def:7238 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238 Common Vulnerability Exposure (CVE) ID: CVE-2010-0427 [oss-security] 20100223 CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set http://www.openwall.com/lists/oss-security/2010/02/23/4 [oss-security] 20100224 Re: CVE assignment notification -- CVE-2010-0427 -- sudo fails to reset group permissions if runas_default set http://www.openwall.com/lists/oss-security/2010/02/24/5 http://sudo.ws/repos/sudo/rev/aa0b6c01c462 http://www.gratisoft.us/bugzilla/attachment.cgi?id=255 http://www.gratisoft.us/bugzilla/show_bug.cgi?id=349 http://www.sudo.ws/cgi-bin/cvsweb/sudo/set_perms.c.diff?r1=1.30.2.7&r2=1.30.2.8 https://bugzilla.redhat.com/show_bug.cgi?id=567622 oval:org.mitre.oval:def:10946 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10946 oval:org.mitre.oval:def:7216 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7216
Copyright	Copyright (C) 2010 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.