Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2013.0331
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2013-0331)
Zusammenfassung:	The remote host is missing an update for the 'pmake' package(s) announced via the MGASA-2013-0331 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'pmake' package(s) announced via the MGASA-2013-0331 advisory. Vulnerability Insight: Updated pmake package fixes security vulnerability: The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and earlier, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to bsd.lib.mk and bsd.prog.mk (CVE-2011-1920). Affected Software/OS: 'pmake' package(s) on Mageia 2, Mageia 3. Solution: Please install the updated package(s). CVSS Score: 3.3 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1920 47878 http://www.securityfocus.com/bid/47878 [oss-security] 20110516 CVE Request -- pmake -- Use of insecure temporary file for 'depend' target http://openwall.com/lists/oss-security/2011/05/16/2 [oss-security] 20110516 Re: CVE Request -- pmake -- Use of insecure temporary file for 'depend' target http://openwall.com/lists/oss-security/2011/05/16/8 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626673 http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.lib.mk.diff?r1=1.239&r2=1.240&f=h http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.prog.mk.diff?r1=1.192&r2=1.193&f=h https://bugzilla.redhat.com/show_bug.cgi?id=705090 https://bugzilla.redhat.com/show_bug.cgi?id=705100 pmake-depend-symlink(67495) https://exchange.xforce.ibmcloud.com/vulnerabilities/67495
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.