Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2004:103 (OpenOffice.org)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50584

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2004:103 (OpenOffice.org)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to OpenOffice.org
announced via advisory MDKSA-2004:103.

A vulnerability in OpenOffice.org was reported by pmladek where a
local user may be able to obtain and read documents that belong to
another user. The way that OpenOffice.org created temporary files,
which used the user's umask to create the file, could potentially
allow for other users to have read access to the document (again,
dependant upon the user's umask).

The updated packages have been patched to prevent this problem.

Affected versions: 10.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0752

Risk factor : Medium

CVSS Score:
2.1

Referencia Cruzada: BugTraq ID: 11151
Common Vulnerability Exposure (CVE) ID: CVE-2004-0752
http://www.securityfocus.com/bid/11151
Bugtraq: 20040910 OpenOffice World-Readable Temporary Files Disclose Files to Local Users (Google Search)
http://marc.info/?l=bugtraq&m=109483308421566&w=2
http://www.osvdb.org/9804
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10294
http://www.redhat.com/support/errata/RHSA-2004-446.html
http://securitytracker.com/id?1011205
http://secunia.com/advisories/12302/
http://secunia.com/advisories/12546/
http://secunia.com/advisories/12668/
http://secunia.com/advisories/12914/
http://secunia.com/advisories/12932/
XForce ISS Database: openofficeorg-tmpfile-insecure-permissions(17312)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17312

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50584
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:103 (OpenOffice.org)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to OpenOffice.org announced via advisory MDKSA-2004:103. A vulnerability in OpenOffice.org was reported by pmladek where a local user may be able to obtain and read documents that belong to another user. The way that OpenOffice.org created temporary files, which used the user's umask to create the file, could potentially allow for other users to have read access to the document (again, dependant upon the user's umask). The updated packages have been patched to prevent this problem. Affected versions: 10.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2004:103 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0752 Risk factor : Medium CVSS Score: 2.1
Referencia Cruzada:	BugTraq ID: 11151 Common Vulnerability Exposure (CVE) ID: CVE-2004-0752 http://www.securityfocus.com/bid/11151 Bugtraq: 20040910 OpenOffice World-Readable Temporary Files Disclose Files to Local Users (Google Search) http://marc.info/?l=bugtraq&m=109483308421566&w=2 http://www.osvdb.org/9804 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10294 http://www.redhat.com/support/errata/RHSA-2004-446.html http://securitytracker.com/id?1011205 http://secunia.com/advisories/12302/ http://secunia.com/advisories/12546/ http://secunia.com/advisories/12668/ http://secunia.com/advisories/12914/ http://secunia.com/advisories/12932/ XForce ISS Database: openofficeorg-tmpfile-insecure-permissions(17312) https://exchange.xforce.ibmcloud.com/vulnerabilities/17312
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com