
Test ID: 1.3.6.1.4.1.25623.1.0.69027
Category: Gentoo Local Security Checks
Title: Gentoo Security Advisory GLSA 201009-03 (sudo)
Summary: The remote host is missing updates announced in advisory GLSA 201009-03.
Description:
Summary:
The remote host is missing updates announced in
advisory GLSA 201009-03.

Vulnerability Insight:
The secure path feature and group handling in sudo allow local attackers to
escalate privileges.

Solution:
All sudo users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-admin/sudo-1.7.4_p3-r1'

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:H/Au:N/C:C/I:C/A:C

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2010-1646
1024101
http://www.securitytracker.com/id?1024101
20101027 rPSA-2010-0075-1 sudo
http://www.securityfocus.com/archive/1/514489/100/0/threaded
40002
http://secunia.com/advisories/40002
40188
http://secunia.com/advisories/40188
40215
http://secunia.com/advisories/40215
40508
http://secunia.com/advisories/40508
40538
http://www.securityfocus.com/bid/40538
43068
http://secunia.com/advisories/43068
65083
http://www.osvdb.org/65083
ADV-2010-1452
http://www.vupen.com/english/advisories/2010/1452
ADV-2010-1478
http://www.vupen.com/english/advisories/2010/1478
ADV-2010-1518
http://www.vupen.com/english/advisories/2010/1518
ADV-2010-1519
http://www.vupen.com/english/advisories/2010/1519
ADV-2011-0212
http://www.vupen.com/english/advisories/2011/0212
DSA-2062
http://www.debian.org/security/2010/dsa-2062
FEDORA-2010-9402
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html
FEDORA-2010-9415
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html
FEDORA-2010-9417
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html
GLSA-201009-03
http://security.gentoo.org/glsa/glsa-201009-03.xml
MDVSA-2010:118
http://www.mandriva.com/security/advisories?name=MDVSA-2010:118
RHSA-2010:0475
http://www.redhat.com/support/errata/RHSA-2010-0475.html
SUSE-SR:2011:002
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://wiki.rpath.com/Advisories:rPSA-2010-0075
http://www.sudo.ws/repos/sudo/rev/3057fde43cf0
http://www.sudo.ws/repos/sudo/rev/a09c6812eaec
http://www.sudo.ws/sudo/alerts/secure_path.html
https://bugzilla.redhat.com/show_bug.cgi?id=598154
oval:org.mitre.oval:def:10580
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580
oval:org.mitre.oval:def:7338
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338
Common Vulnerability Exposure (CVE) ID: CVE-2010-2956
1024392
http://www.securitytracker.com/id?1024392
20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
http://www.securityfocus.com/archive/1/515545/100/0/threaded
41316
http://secunia.com/advisories/41316
42787
http://secunia.com/advisories/42787
43019
http://www.securityfocus.com/bid/43019
ADV-2010-2312
http://www.vupen.com/english/advisories/2010/2312
ADV-2010-2318
http://www.vupen.com/english/advisories/2010/2318
ADV-2010-2320
http://www.vupen.com/english/advisories/2010/2320
ADV-2010-2358
http://www.vupen.com/english/advisories/2010/2358
ADV-2011-0025
http://www.vupen.com/english/advisories/2011/0025
FEDORA-2010-14355
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047516.html
MDVSA-2010:175
http://www.mandriva.com/security/advisories?name=MDVSA-2010:175
RHSA-2010:0675
http://www.redhat.com/support/errata/RHSA-2010-0675.html
SUSE-SR:2010:017
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
USN-983-1
http://www.ubuntu.com/usn/USN-983-1
http://www.sudo.ws/sudo/alerts/runas_group.html
http://www.vmware.com/security/advisories/VMSA-2011-0001.html
https://bugzilla.redhat.com/show_bug.cgi?id=628628
Copyright: Copyright (C) 2011 E-Soft Inc.
