Red Hat Local Security Checks : RedHat Security Advisory RHSA-2005:238

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52728

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2005:238

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2005:238.

A bug was found in Evolution's helper program camel-lock-helper. This
bug could allow a local attacker to gain root privileges if
camel-lock-helper has been built to execute with elevated privileges. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CVE-2005-0102 to this issue. On Red Hat Enterprise Linux,
camel-lock-helper is not built to execute with elevated privileges by
default. Please note however that if users have rebuilt Evolution from the
source RPM, as the root user, camel-lock-helper may be given elevated
privileges.

Additionally, these updated packages address a number of bugs detailed
in the referenced security advisory.

All users of evolution should upgrade to these updated packages, which
resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-238.html

Risk factor : High

CVSS Score:
7.2

Referencia Cruzada: BugTraq ID: 12354
Common Vulnerability Exposure (CVE) ID: CVE-2005-0102
http://www.securityfocus.com/bid/12354
Conectiva Linux advisory: CLA-2005:925
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925
Debian Security Information: DSA-673 (Google Search)
http://www.debian.org/security/2005/dsa-673
http://security.gentoo.org/glsa/glsa-200501-35.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9616
http://www.redhat.com/support/errata/RHSA-2005-238.html
http://www.redhat.com/support/errata/RHSA-2005-397.html
http://securitytracker.com/id?1012981
http://secunia.com/advisories/13830
https://usn.ubuntu.com/69-1/
XForce ISS Database: evolution-camellockhelper-bo(19031)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19031

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52728
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:238
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:238. A bug was found in Evolution's helper program camel-lock-helper. This bug could allow a local attacker to gain root privileges if camel-lock-helper has been built to execute with elevated privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0102 to this issue. On Red Hat Enterprise Linux, camel-lock-helper is not built to execute with elevated privileges by default. Please note however that if users have rebuilt Evolution from the source RPM, as the root user, camel-lock-helper may be given elevated privileges. Additionally, these updated packages address a number of bugs detailed in the referenced security advisory. All users of evolution should upgrade to these updated packages, which resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-238.html Risk factor : High CVSS Score: 7.2
Referencia Cruzada:	BugTraq ID: 12354 Common Vulnerability Exposure (CVE) ID: CVE-2005-0102 http://www.securityfocus.com/bid/12354 Conectiva Linux advisory: CLA-2005:925 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925 Debian Security Information: DSA-673 (Google Search) http://www.debian.org/security/2005/dsa-673 http://security.gentoo.org/glsa/glsa-200501-35.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:024 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9616 http://www.redhat.com/support/errata/RHSA-2005-238.html http://www.redhat.com/support/errata/RHSA-2005-397.html http://securitytracker.com/id?1012981 http://secunia.com/advisories/13830 https://usn.ubuntu.com/69-1/ XForce ISS Database: evolution-camellockhelper-bo(19031) https://exchange.xforce.ibmcloud.com/vulnerabilities/19031
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com