Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201201-07 (NX Server NX Node)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.70808

Kategorie: Gentoo Local Security Checks

Titel: Gentoo Security Advisory GLSA 201201-07 (NX Server NX Node)

Zusammenfassung: The remote host is missing updates announced in;advisory GLSA 201201-07.

Beschreibung: Summary:
The remote host is missing updates announced in
advisory GLSA 201201-07.

Vulnerability Insight:
An unspecified vulnerability in NX Server Free Edition and NX Node
could allow local attackers to gain root privileges.

Solution:
All NX Server Free Edition users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose
'>=net-misc/nxserver-freeedition-3.5.0.5'

All NX Node users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/nxnode-3.5.0.4'

NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since August 23, 2011. It is likely that your system is
already
no longer affected by this issue.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-3977
BugTraq ID: 49720
http://www.securityfocus.com/bid/49720
Bugtraq: 20110921 NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux (Google Search)
http://www.securityfocus.com/archive/1/519730/100/0/threaded
http://securityreason.com/securityalert/8406
XForce ISS Database: nxserver-nxconfigure-priv-escalation(69974)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69974

Copyright Copyright (C) 2012 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.70808
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 201201-07 (NX Server NX Node)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 201201-07.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 201201-07. Vulnerability Insight: An unspecified vulnerability in NX Server Free Edition and NX Node could allow local attackers to gain root privileges. Solution: All NX Server Free Edition users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/nxserver-freeedition-3.5.0.5' All NX Node users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/nxnode-3.5.0.4' NOTE: This is a legacy GLSA. Updates for all affected architectures are available since August 23, 2011. It is likely that your system is already no longer affected by this issue. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3977 BugTraq ID: 49720 http://www.securityfocus.com/bid/49720 Bugtraq: 20110921 NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux (Google Search) http://www.securityfocus.com/archive/1/519730/100/0/threaded http://securityreason.com/securityalert/8406 XForce ISS Database: nxserver-nxconfigure-priv-escalation(69974) https://exchange.xforce.ibmcloud.com/vulnerabilities/69974
Copyright	Copyright (C) 2012 E-Soft Inc.