ID de Prueba:	1.3.6.1.4.1.25623.1.0.54698
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200410-07 (ed)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200410-07.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200410-07. Vulnerability Insight: The ed utility is vulnerable to symlink attacks, potentially allowing a local user to overwrite or change rights on arbitrary files with the rights of the user running ed, which could be the root user. Solution: All ed users should upgrade to the latest version: # emerge sync # emerge -pv '>=sys-apps/ed-0.2-r4' # emerge '>=sys-apps/ed-0.2-r4' CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2000-1137 Bugtraq: 20001211 Immunix OS Security update for ed (Google Search) Conectiva Linux advisory: CLA-2000:359-2 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000359 Debian Security Information: 20001129 DSA-001-1 ed: symlink attack (Google Search) http://www.debian.org/security/2000/20001129 http://www.linux-mandrake.com/en/security/MDKSA-2000-076.php3 http://www.osvdb.org/6491 http://www.redhat.com/support/errata/RHSA-2000-123.html XForce ISS Database: gnu-ed-symlink(5723) https://exchange.xforce.ibmcloud.com/vulnerabilities/5723
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.