Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2002:045 (mm)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50821

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2002:045 (mm)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to mm
announced via advisory MDKSA-2002:045.

Marcus Meissner and Sebastian Krahmer discovered a temporary file
vulnerability in the mm library which is used by the Apache webserver.
This vulnerability can be exploited to obtain root privilege if shell
access to the apache user (typically apache or nobody) is already
obtained.

Affected versions: 7.1, 7.2, 8.0, 8.1, 8.2, Corporate Server 1.0.1,
Single Network Firewall 7.2

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2002:045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0658

Risk factor : High

CVSS Score:
6.2

Referencia Cruzada: BugTraq ID: 5352
Common Vulnerability Exposure (CVE) ID: CVE-2002-0658
http://www.securityfocus.com/bid/5352
Bugtraq: 20020730 [OpenPKG-SA-2002.007] OpenPKG Security Advisory (mm) (Google Search)
Caldera Security Advisory: CSSA-2002-032.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-032.0.txt
Debian Security Information: DSA-137 (Google Search)
http://www.debian.org/security/2002/dsa-137
FreeBSD Security Advisory: FreeBSD-SN-02:05
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc
HPdes Security Advisory: HPSBTL0208-056
http://online.securityfocus.com/advisories/4392
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-045.php
RedHat Security Advisories: RHSA-2002:153
http://rhn.redhat.com/errata/RHSA-2002-153.html
RedHat Security Advisories: RHSA-2002:154
http://rhn.redhat.com/errata/RHSA-2002-154.html
RedHat Security Advisories: RHSA-2002:156
http://rhn.redhat.com/errata/RHSA-2002-156.html
http://www.redhat.com/support/errata/RHSA-2002-163.html
RedHat Security Advisories: RHSA-2002:164
http://rhn.redhat.com/errata/RHSA-2002-164.html
http://www.redhat.com/support/errata/RHSA-2003-158.html
SuSE Security Announcement: SuSE-SA:2002:028 (Google Search)
http://www.novell.com/linux/security/advisories/2002_028_mod_ssl.html
http://www.iss.net/security_center/static/9719.php

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50821
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2002:045 (mm)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to mm announced via advisory MDKSA-2002:045. Marcus Meissner and Sebastian Krahmer discovered a temporary file vulnerability in the mm library which is used by the Apache webserver. This vulnerability can be exploited to obtain root privilege if shell access to the apache user (typically apache or nobody) is already obtained. Affected versions: 7.1, 7.2, 8.0, 8.1, 8.2, Corporate Server 1.0.1, Single Network Firewall 7.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2002:045 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0658 Risk factor : High CVSS Score: 6.2
Referencia Cruzada:	BugTraq ID: 5352 Common Vulnerability Exposure (CVE) ID: CVE-2002-0658 http://www.securityfocus.com/bid/5352 Bugtraq: 20020730 [OpenPKG-SA-2002.007] OpenPKG Security Advisory (mm) (Google Search) Caldera Security Advisory: CSSA-2002-032.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-032.0.txt Debian Security Information: DSA-137 (Google Search) http://www.debian.org/security/2002/dsa-137 FreeBSD Security Advisory: FreeBSD-SN-02:05 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc HPdes Security Advisory: HPSBTL0208-056 http://online.securityfocus.com/advisories/4392 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-045.php RedHat Security Advisories: RHSA-2002:153 http://rhn.redhat.com/errata/RHSA-2002-153.html RedHat Security Advisories: RHSA-2002:154 http://rhn.redhat.com/errata/RHSA-2002-154.html RedHat Security Advisories: RHSA-2002:156 http://rhn.redhat.com/errata/RHSA-2002-156.html http://www.redhat.com/support/errata/RHSA-2002-163.html RedHat Security Advisories: RHSA-2002:164 http://rhn.redhat.com/errata/RHSA-2002-164.html http://www.redhat.com/support/errata/RHSA-2003-158.html SuSE Security Announcement: SuSE-SA:2002:028 (Google Search) http://www.novell.com/linux/security/advisories/2002_028_mod_ssl.html http://www.iss.net/security_center/static/9719.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com