Test Kennung:	1.3.6.1.4.1.25623.1.0.68920
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2011-041-05)
Zusammenfassung:	The remote host is missing an update for the 'sudo' package(s) announced via the SSA:2011-041-05 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'sudo' package(s) announced via the SSA:2011-041-05 advisory. Vulnerability Insight: New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packages/sudo-1.7.4p6-i486-1_slack13.1.txz: Upgraded. Fix Runas group password checking. For more information, see the included CHANGES and NEWS files, and: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'sudo' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware 13.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0010 42886 http://secunia.com/advisories/42886 42949 http://secunia.com/advisories/42949 42968 http://secunia.com/advisories/42968 43068 http://secunia.com/advisories/43068 43282 http://secunia.com/advisories/43282 45774 http://www.securityfocus.com/bid/45774 70400 http://www.osvdb.org/70400 ADV-2011-0089 http://www.vupen.com/english/advisories/2011/0089 ADV-2011-0182 http://www.vupen.com/english/advisories/2011/0182 ADV-2011-0195 http://www.vupen.com/english/advisories/2011/0195 ADV-2011-0199 http://www.vupen.com/english/advisories/2011/0199 ADV-2011-0212 http://www.vupen.com/english/advisories/2011/0212 ADV-2011-0362 http://www.vupen.com/english/advisories/2011/0362 FEDORA-2011-0455 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html FEDORA-2011-0470 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html GLSA-201203-06 http://security.gentoo.org/glsa/glsa-201203-06.xml MDVSA-2011:018 http://www.mandriva.com/security/advisories?name=MDVSA-2011:018 RHSA-2011:0599 http://www.redhat.com/support/errata/RHSA-2011-0599.html SSA:2011-041-05 http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593654 SUSE-SR:2011:002 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html USN-1046-1 http://www.ubuntu.com/usn/USN-1046-1 [oss-security] 20110111 CVE request: sudo does not ask for password on GID changes http://openwall.com/lists/oss-security/2011/01/11/3 [oss-security] 20110112 Re: CVE request: sudo does not ask for password on GID changes http://openwall.com/lists/oss-security/2011/01/12/1 http://openwall.com/lists/oss-security/2011/01/12/3 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609641 http://www.sudo.ws/repos/sudo/rev/07d1b0ce530e http://www.sudo.ws/repos/sudo/rev/fe8a94f96542 http://www.sudo.ws/sudo/alerts/runas_group_pw.html https://bugzilla.redhat.com/show_bug.cgi?id=668879 sudo-groupid-privilege-escalation(64636) https://exchange.xforce.ibmcloud.com/vulnerabilities/64636
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.