Test Kennung:	1.3.6.1.4.1.25623.1.0.69811
Kategorie:	Red Hat Local Security Checks
Titel:	RedHat Security Advisory RHSA-2011:1083
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory RHSA-2011:1083. FUSE (Filesystem in Userspace) can implement a fully functional file system in a user-space program. These packages provide the mount utility, fusermount, the tool used to mount FUSE file systems. Multiple flaws were found in the way fusermount handled the mounting and unmounting of directories when symbolic links were present. A local user in the fuse group could use these flaws to unmount file systems, which they would otherwise not be able to unmount and that were not mounted using FUSE, via a symbolic link attack. (CVE-2010-3879, CVE-2011-0541, CVE-2011-0542, CVE-2011-0543) Note: The util-linux-ng RHBA-2011:0699 update must also be installed to fully correct the above flaws. All users should upgrade to these updated packages, which contain backported patches to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2011-1083.html Risk factor : High CVSS Score: 5.8
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3879 20101102 fusermount: Unmount any filesystem http://lists.grok.org.uk/pipermail/full-disclosure/2010-November/077247.html 42961 http://secunia.com/advisories/42961 42965 http://secunia.com/advisories/42965 44623 http://www.securityfocus.com/bid/44623 70520 http://osvdb.org/70520 ADV-2011-0181 http://www.vupen.com/english/advisories/2011/0181 ADV-2011-0302 http://www.vupen.com/english/advisories/2011/0302 FEDORA-2011-0854 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053792.html MDVSA-2013:155 http://www.mandriva.com/security/advisories?name=MDVSA-2013:155 SUSE-SR:2011:005 http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html USN-1045-1 http://www.ubuntu.com/usn/USN-1045-1 USN-1045-2 http://www.ubuntu.com/usn/USN-1045-2 [oss-security] 20101104 CVE request: fuse http://openwall.com/lists/oss-security/2010/11/04/8 [oss-security] 20101105 Re: CVE request: fuse http://openwall.com/lists/oss-security/2010/11/05/2 fuse-fusermount-tool-dos(62986) https://exchange.xforce.ibmcloud.com/vulnerabilities/62986 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602333 http://www.halfdog.net/Security/FuseTimerace/ https://bugs.launchpad.net/bugs/670622 https://bugzilla.novell.com/show_bug.cgi?id=651598 https://bugzilla.redhat.com/show_bug.cgi?id=651183 Common Vulnerability Exposure (CVE) ID: CVE-2011-0541 [oss-security] 20110201 CVE request: fuse http://www.openwall.com/lists/oss-security/2011/02/02/2 [oss-security] 20110203 Re: CVE request: fuse http://www.openwall.com/lists/oss-security/2011/02/03/5 [oss-security] 20110208 Re: CVE request: fuse http://www.openwall.com/lists/oss-security/2011/02/08/4 http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse%3Ba=commit%3Bh=bf5ffb5fd8558bd799791834def431c0cee5a11f Common Vulnerability Exposure (CVE) ID: CVE-2011-0542 http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse%3Ba=commit%3Bh=1e7607ff89c65b005f69e27aeb1649d624099873 Common Vulnerability Exposure (CVE) ID: CVE-2011-0543 http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse%3Ba=commit%3Bh=cbd3a2a84068aae6e3fe32939d88470d712dbf47
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.