Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200404-04 (sysstat)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54543

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200404-04 (sysstat)

Resumen: The remote host is missing updates announced in;advisory GLSA 200404-04.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200404-04.

Vulnerability Insight:
Multiple vulnerabilities in the way sysstat handles symlinks may allow an
attacker to execute arbitrary code or overwrite arbitrary files

Solution:
Systat users should upgrade to version 4.2 or later:

# emerge sync

# emerge -pv '>=app-admin/sysstat-5.0.2'
# emerge '>=app-admin/sysstat-5.0.2'

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0107
BugTraq ID: 9838
http://www.securityfocus.com/bid/9838
Computer Incident Advisory Center Bulletin: O-097
http://www.ciac.org/ciac/bulletins/o-097.shtml
http://www.osvdb.org/6884
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10737
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A849
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A862
http://www.redhat.com/support/errata/RHSA-2004-053.html
http://www.redhat.com/support/errata/RHSA-2004-093.html
SGI Security Advisory: 20040302-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc
XForce ISS Database: sysstat-post-trigger-symlink(15428)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15428
Common Vulnerability Exposure (CVE) ID: CVE-2004-0108
BugTraq ID: 9844
http://www.securityfocus.com/bid/9844
Debian Security Information: DSA-460 (Google Search)
http://www.debian.org/security/2004/dsa-460
XForce ISS Database: sysstat-isag-symlink(15437)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15437

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54543
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200404-04 (sysstat)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200404-04.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200404-04. Vulnerability Insight: Multiple vulnerabilities in the way sysstat handles symlinks may allow an attacker to execute arbitrary code or overwrite arbitrary files Solution: Systat users should upgrade to version 4.2 or later: # emerge sync # emerge -pv '>=app-admin/sysstat-5.0.2' # emerge '>=app-admin/sysstat-5.0.2' CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0107 BugTraq ID: 9838 http://www.securityfocus.com/bid/9838 Computer Incident Advisory Center Bulletin: O-097 http://www.ciac.org/ciac/bulletins/o-097.shtml http://www.osvdb.org/6884 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10737 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A849 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A862 http://www.redhat.com/support/errata/RHSA-2004-053.html http://www.redhat.com/support/errata/RHSA-2004-093.html SGI Security Advisory: 20040302-01-U ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc XForce ISS Database: sysstat-post-trigger-symlink(15428) https://exchange.xforce.ibmcloud.com/vulnerabilities/15428 Common Vulnerability Exposure (CVE) ID: CVE-2004-0108 BugTraq ID: 9844 http://www.securityfocus.com/bid/9844 Debian Security Information: DSA-460 (Google Search) http://www.debian.org/security/2004/dsa-460 XForce ISS Database: sysstat-isag-symlink(15437) https://exchange.xforce.ibmcloud.com/vulnerabilities/15437
Copyright	Copyright (C) 2008 E-Soft Inc.