
Test ID: 1.3.6.1.4.1.25623.1.0.69035
Category: Gentoo Local Security Checks
Title: Gentoo Security Advisory GLSA 201011-01 (glibc)
Summary: The remote host is missing updates announced in advisory GLSA 201011-01.
Description:
Summary:
The remote host is missing updates announced in
advisory GLSA 201011-01.

Vulnerability Insight:
Multiple vulnerabilities were found in glibc, the worst of which allows
local attackers to execute arbitrary code as root.

Solution:
All GNU C library users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=sys-libs/glibc-2.11.2-r3'

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2009-4880
BugTraq ID: 36443
http://www.securityfocus.com/bid/36443
Debian Security Information: DSA-2058
http://www.debian.org/security/2010/dsa-2058
http://security.gentoo.org/glsa/glsa-201011-01.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:111
http://www.mandriva.com/security/advisories?name=MDVSA-2010:112
https://bugzilla.redhat.com/show_bug.cgi?id=524671
http://secunia.com/advisories/39900
http://securityreason.com/achievement_securityalert/67
http://www.ubuntu.com/usn/USN-944-1
http://www.vupen.com/english/advisories/2010/1246
XForce ISS Database: gnuclibrary-strfmon-overflow(59242)
https://exchange.xforce.ibmcloud.com/vulnerabilities/59242
Common Vulnerability Exposure (CVE) ID: CVE-2009-4881
XForce ISS Database: gnuclibrary-vstrfmonl-overflow(59241)
https://exchange.xforce.ibmcloud.com/vulnerabilities/59241
Common Vulnerability Exposure (CVE) ID: CVE-2010-0296
1024043
http://securitytracker.com/id?1024043
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
http://www.securityfocus.com/archive/1/520102/100/0/threaded
20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series
http://seclists.org/fulldisclosure/2019/Jun/18
20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series
https://seclists.org/bugtraq/2019/Jun/14
39900
43830
http://secunia.com/advisories/43830
46397
http://secunia.com/advisories/46397
ADV-2010-1246
ADV-2011-0863
http://www.vupen.com/english/advisories/2011/0863
DSA-2058
GLSA-201011-01
MDVSA-2010:111
MDVSA-2010:112
RHSA-2011:0412
http://www.redhat.com/support/errata/RHSA-2011-0412.html
SUSE-SA:2010:052
https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html
USN-944-1
gnuclibrary-encodenamemacro-dos(59240)
https://exchange.xforce.ibmcloud.com/vulnerabilities/59240
http://frugalware.org/security/662
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ab00f4eac8f4932211259ff87be83144f5211540
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
https://bugzilla.redhat.com/show_bug.cgi?id=559579
Common Vulnerability Exposure (CVE) ID: CVE-2010-0830
BugTraq ID: 40063
http://www.securityfocus.com/bid/40063
http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html
http://securitytracker.com/id?1024044
SuSE Security Announcement: SUSE-SA:2010:052
XForce ISS Database: glibc-elf-code-execution(58915)
https://exchange.xforce.ibmcloud.com/vulnerabilities/58915
Common Vulnerability Exposure (CVE) ID: CVE-2010-3847
20101018 The GNU C library dynamic linker expands $ORIGIN in setuid library search path
http://seclists.org/fulldisclosure/2010/Oct/257
20101019 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path
http://seclists.org/fulldisclosure/2010/Oct/292
20101020 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path
http://seclists.org/fulldisclosure/2010/Oct/294
20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
http://www.securityfocus.com/archive/1/515545/100/0/threaded
42787
http://secunia.com/advisories/42787
44024
https://www.exploit-db.com/exploits/44024/
44025
https://www.exploit-db.com/exploits/44025/
44154
http://www.securityfocus.com/bid/44154
ADV-2011-0025
http://www.vupen.com/english/advisories/2011/0025
DSA-2122
http://www.debian.org/security/2010/dsa-2122
MDVSA-2010:207
http://www.mandriva.com/security/advisories?name=MDVSA-2010:207
RHSA-2010:0787
https://rhn.redhat.com/errata/RHSA-2010-0787.html
RHSA-2010:0872
http://www.redhat.com/support/errata/RHSA-2010-0872.html
USN-1009-1
http://www.ubuntu.com/usn/USN-1009-1
VU#537223
http://www.kb.cert.org/vuls/id/537223
[libc-hacker] 20101018 [PATCH] Never expand $ORIGIN in privileged programs
http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html
http://support.avaya.com/css/P8/documents/100120941
http://www.vmware.com/security/advisories/VMSA-2011-0001.html
https://bugzilla.redhat.com/show_bug.cgi?id=643306
Common Vulnerability Exposure (CVE) ID: CVE-2010-3856
http://seclists.org/fulldisclosure/2023/Jul/31
http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html
20101022 The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads.
http://seclists.org/fulldisclosure/2010/Oct/344
44347
http://www.securityfocus.com/bid/44347
MDVSA-2010:212
http://www.mandriva.com/security/advisories?name=MDVSA-2010:212
RHSA-2010:0793
https://rhn.redhat.com/errata/RHSA-2010-0793.html
[libc-hacker] 20101022 [PATCH] Require suid bit on audit objects in privileged programs
http://sourceware.org/ml/libc-hacker/2010-10/msg00010.html
http://support.avaya.com/css/P8/documents/100121017
https://bugzilla.redhat.com/show_bug.cgi?id=645672
http://www.openwall.com/lists/oss-security/2023/07/19/9
http://www.openwall.com/lists/oss-security/2023/07/20/1
Copyright: Copyright (C) 2011 E-Soft Inc.
