ID de Prueba:	1.3.6.1.4.1.25623.1.0.120076
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2012-110)
Resumen:	The remote host is missing an update for the 'sudo' package(s) announced via the ALAS-2012-110 advisory.
Descripción:	Summary: The remote host is missing an update for the 'sudo' package(s) announced via the ALAS-2012-110 advisory. Vulnerability Insight: A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run commands with sudo on specific hosts, could use this flaw to bypass intended restrictions and run those commands on hosts not matched by any of the network specifications. (CVE-2012-2337) Affected Software/OS: 'sudo' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2337 1027077 http://www.securitytracker.com/id?1027077 49219 http://secunia.com/advisories/49219 49244 http://secunia.com/advisories/49244 49291 http://secunia.com/advisories/49291 49948 http://secunia.com/advisories/49948 DSA-2478 http://www.debian.org/security/2012/dsa-2478 FEDORA-2012-7998 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081432.html MDVSA-2012:079 http://www.mandriva.com/security/advisories?name=MDVSA-2012:079 http://www.sudo.ws/sudo/alerts/netmask.html https://bugzilla.redhat.com/show_bug.cgi?id=820677 https://www.suse.com/security/cve/CVE-2012-2337/
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.