Red Hat Local Security Checks : RedHat Security Advisory RHSA-2003:016

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51203

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2003:016

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2003:016.

Updated fileutils packages are available which fix a race condition in
recursive remove and move commands.

The fileutils package includes a number of GNU versions of common and
popular file management utilities.

A race condition in recursive use of rm and mv commands in fileutils 4.1
and earlier could allow local users to delete files and directories as the
user running fileutils if the user has write access to part of the tree
being moved or deleted.

In addition, a bug in the way that the chown command parses --from options
has also been fixed in these packages, bringing the command into Linux
Standard Base (LSB) compliance.

Users of Red Hat Linux Advanced Server should install the upgraded
fileutils packages which contain patches to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2003-016.html
http://online.securityfocus.com/archive/1/260936
http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html

Risk factor : Low

CVSS Score:
1.2

Referencia Cruzada: BugTraq ID: 4266
Common Vulnerability Exposure (CVE) ID: CVE-2002-0435
http://www.securityfocus.com/bid/4266
Bugtraq: 20020310 GNU fileutils - recursive directory removal race condition (Google Search)
http://www.securityfocus.com/archive/1/260936
Caldera Security Advisory: CSSA-2002-018.1
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php
http://www.redhat.com/support/errata/RHSA-2003-015.html
http://www.redhat.com/support/errata/RHSA-2003-016.html
http://www.iss.net/security_center/static/8432.php

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51203
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2003:016
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2003:016. Updated fileutils packages are available which fix a race condition in recursive remove and move commands. The fileutils package includes a number of GNU versions of common and popular file management utilities. A race condition in recursive use of rm and mv commands in fileutils 4.1 and earlier could allow local users to delete files and directories as the user running fileutils if the user has write access to part of the tree being moved or deleted. In addition, a bug in the way that the chown command parses --from options has also been fixed in these packages, bringing the command into Linux Standard Base (LSB) compliance. Users of Red Hat Linux Advanced Server should install the upgraded fileutils packages which contain patches to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2003-016.html http://online.securityfocus.com/archive/1/260936 http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html Risk factor : Low CVSS Score: 1.2
Referencia Cruzada:	BugTraq ID: 4266 Common Vulnerability Exposure (CVE) ID: CVE-2002-0435 http://www.securityfocus.com/bid/4266 Bugtraq: 20020310 GNU fileutils - recursive directory removal race condition (Google Search) http://www.securityfocus.com/archive/1/260936 Caldera Security Advisory: CSSA-2002-018.1 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php http://www.redhat.com/support/errata/RHSA-2003-015.html http://www.redhat.com/support/errata/RHSA-2003-016.html http://www.iss.net/security_center/static/8432.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com