ID de Prueba:	1.3.6.1.4.1.25623.1.0.130075
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia Linux Local Check: mgasa-2015-0304
Resumen:	Mageia Linux Local Security Checks mgasa-2015-0304
Descripción:	Summary: Mageia Linux Local Security Checks mgasa-2015-0304 Vulnerability Insight: Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user (CVE-2015-1331). Roman Fiedler discovered that LXC incorrectly trusted the container's proc filesystem to set up AppArmor profile changes and SELinux domain transitions. A local attacker could exploit this flaw to run programs inside the container that are not confined by AppArmor or SELinux (CVE-2015-1334). Solution: Update the affected packages to the latest available version. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:C/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1331 BugTraq ID: 75999 http://www.securityfocus.com/bid/75999 Debian Security Information: DSA-3317 (Google Search) http://www.debian.org/security/2015/dsa-3317 https://service.ait.ac.at/security/2015/LxcSecurityAnalysis.html SuSE Security Announcement: openSUSE-SU-2015:1315 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-07/msg00066.html SuSE Security Announcement: openSUSE-SU-2019:1481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00073.html http://www.ubuntu.com/usn/USN-2675-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-1334 BugTraq ID: 75998 http://www.securityfocus.com/bid/75998 SuSE Security Announcement: openSUSE-SU-2015:1317 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-07/msg00067.html
Copyright	Copyright (C) 2015 Eero Volotinen

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.