ID de Prueba:	1.3.6.1.4.1.25623.1.0.53898
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2003-141-06)
Resumen:	The remote host is missing an update for the 'quotacheck' package(s) announced via the SSA:2003-141-06 advisory.
Descripción:	Summary: The remote host is missing an update for the 'quotacheck' package(s) announced via the SSA:2003-141-06 advisory. Vulnerability Insight: An upgraded sysvinit package is available which fixes a problem with the use of quotacheck in /etc/rc.d/rc.M. The original version of rc.M calls quotacheck like this: echo 'Checking filesystem quotas: /sbin/quotacheck -avugM' /sbin/quotacheck -avugM The 'M' option is wrong. This causes the filesystem to be remounted, and in the process any mount flags such as nosuid, nodev, noexec, and the like, will be reset. The correct option to use here is 'm', which does not attempt to remount the partition: echo 'Checking filesystem quotas: /sbin/quotacheck -avugm' /sbin/quotacheck -avugm We recommend sites using file system quotas upgrade to this new package, or edit /etc/rc.d/rc.M accordingly. Here are the details from the Slackware 9.0 ChangeLog: +--------------------------+ Tue May 20 20:13:09 PDT 2003 patches/packages/sysvinit-2.84-i386-26.tgz: Use option M, not m, for quotacheck. Otherwise, the partition might be remounted losing flags like nosuid,nodev, noexec. Thanks to Jem Berkes for pointing this out. (* Security fix *) +--------------------------+ Affected Software/OS: 'quotacheck' package(s) on Slackware 9.0. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.