Red Hat Local Security Checks : RedHat Security Advisory RHSA-2004:056

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51076

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2004:056

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2004:056.

The util-linux package contains a large variety of low-level system
utilities that are necessary for a Linux system to function.

In some situations, the login program could use a pointer that had been
freed and reallocated. This could cause unintentional data leakage.

Note: Red Hat Enterprise Linux 3 is not vulnerable to this issue.

It is recommended that all users upgrade to these updated packages, which
are not vulnerable to this issue.

Red Hat would like to thank Matthew Lee of Fleming College for finding and
reporting this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2004-056.html

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: BugTraq ID: 9558
Common Vulnerability Exposure (CVE) ID: CVE-2004-0080
http://www.securityfocus.com/bid/9558
Bugtraq: 20040331 OpenLinux: util-linux could leak sensitive data (Google Search)
http://marc.info/?l=bugtraq&m=108077689801698&w=2
Bugtraq: 20040408 LNSA-#2004-0010: login may leak sensitive data (Google Search)
http://marc.info/?l=bugtraq&m=108144719532385&w=2
CERT/CC vulnerability note: VU#801526
http://www.kb.cert.org/vuls/id/801526
http://security.gentoo.org/glsa/glsa-200404-06.xml
http://www.osvdb.org/3796
http://www.redhat.com/support/errata/RHSA-2004-056.html
http://secunia.com/advisories/10773
SGI Security Advisory: 20040201-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc
SGI Security Advisory: 20040406-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040406-01-U
XForce ISS Database: utillinux-information-leak(15016)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15016

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51076
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2004:056
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2004:056. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. In some situations, the login program could use a pointer that had been freed and reallocated. This could cause unintentional data leakage. Note: Red Hat Enterprise Linux 3 is not vulnerable to this issue. It is recommended that all users upgrade to these updated packages, which are not vulnerable to this issue. Red Hat would like to thank Matthew Lee of Fleming College for finding and reporting this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2004-056.html Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	BugTraq ID: 9558 Common Vulnerability Exposure (CVE) ID: CVE-2004-0080 http://www.securityfocus.com/bid/9558 Bugtraq: 20040331 OpenLinux: util-linux could leak sensitive data (Google Search) http://marc.info/?l=bugtraq&m=108077689801698&w=2 Bugtraq: 20040408 LNSA-#2004-0010: login may leak sensitive data (Google Search) http://marc.info/?l=bugtraq&m=108144719532385&w=2 CERT/CC vulnerability note: VU#801526 http://www.kb.cert.org/vuls/id/801526 http://security.gentoo.org/glsa/glsa-200404-06.xml http://www.osvdb.org/3796 http://www.redhat.com/support/errata/RHSA-2004-056.html http://secunia.com/advisories/10773 SGI Security Advisory: 20040201-01-U ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc SGI Security Advisory: 20040406-01-U ftp://patches.sgi.com/support/free/security/advisories/20040406-01-U XForce ISS Database: utillinux-information-leak(15016) https://exchange.xforce.ibmcloud.com/vulnerabilities/15016
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com