ID de Prueba:	1.3.6.1.4.1.25623.1.0.120578
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2014-371)
Resumen:	The remote host is missing an update for the 'python-jinja2' package(s) announced via the ALAS-2014-371 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python-jinja2' package(s) announced via the ALAS-2014-371 advisory. Vulnerability Insight: The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp. Affected Software/OS: 'python-jinja2' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1402 http://www.gentoo.org/security/en/glsa/glsa-201408-13.xml http://www.mandriva.com/security/advisories?name=MDVSA-2014:096 https://oss.oracle.com/pipermail/el-errata/2014-June/004192.html http://openwall.com/lists/oss-security/2014/01/10/2 http://openwall.com/lists/oss-security/2014/01/10/3 RedHat Security Advisories: RHSA-2014:0747 http://rhn.redhat.com/errata/RHSA-2014-0747.html RedHat Security Advisories: RHSA-2014:0748 http://rhn.redhat.com/errata/RHSA-2014-0748.html http://secunia.com/advisories/56287 http://secunia.com/advisories/58783 http://secunia.com/advisories/58918 http://secunia.com/advisories/59017 http://secunia.com/advisories/60738 http://secunia.com/advisories/60770
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.