Conectiva Local Security Checks : Conectiva Security Advisory CLSA-2005:1022 (util-linux)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55579

Categoría: Conectiva Local Security Checks

Título: Conectiva Security Advisory CLSA-2005:1022 (util-linux)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory CLSA-2005:1022.

This announcement fixes a vulnerability in umount that could
allow local users with umount permissions to gain privileges
via the -r (remount) option, which causes the file system to
be remounted with just the read-only flag, which effectively
clears the nosuid, nodev, and other flags.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001022

Risk factor : High

CVSS Score:
7.2

Referencia Cruzada: BugTraq ID: 14816
Common Vulnerability Exposure (CVE) ID: CVE-2005-2876
101960
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101960-1
14816
http://www.securityfocus.com/bid/14816
16785
http://secunia.com/advisories/16785
16988
http://secunia.com/advisories/16988
17004
http://secunia.com/advisories/17004
17027
http://secunia.com/advisories/17027
17133
http://secunia.com/advisories/17133
17154
http://secunia.com/advisories/17154
18502
http://secunia.com/advisories/18502
19369
http://www.osvdb.org/19369
2005-0049
http://marc.info/?l=bugtraq&m=112690609622266&w=2
20050912 util-linux: unintentional grant of privileges by umount
http://marc.info/?l=bugtraq&m=112656096125857&w=2
DSA-823
http://www.debian.org/security/2005/dsa-823
DSA-825
http://www.debian.org/security/2005/dsa-825
FLSA:168326
http://www.securityfocus.com/archive/1/419774/100/0/threaded
SUSE-SR:2005:021
http://www.novell.com/linux/security/advisories/2005_21_sr.html
USN-184
http://www.ubuntu.com/usn/usn-184-1
http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm
oval:org.mitre.oval:def:10921
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10921
utillinux-umount-gain-privileges(22241)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22241

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55579
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLSA-2005:1022 (util-linux)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLSA-2005:1022. This announcement fixes a vulnerability in umount that could allow local users with umount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001022 Risk factor : High CVSS Score: 7.2
Referencia Cruzada:	BugTraq ID: 14816 Common Vulnerability Exposure (CVE) ID: CVE-2005-2876 101960 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101960-1 14816 http://www.securityfocus.com/bid/14816 16785 http://secunia.com/advisories/16785 16988 http://secunia.com/advisories/16988 17004 http://secunia.com/advisories/17004 17027 http://secunia.com/advisories/17027 17133 http://secunia.com/advisories/17133 17154 http://secunia.com/advisories/17154 18502 http://secunia.com/advisories/18502 19369 http://www.osvdb.org/19369 2005-0049 http://marc.info/?l=bugtraq&m=112690609622266&w=2 20050912 util-linux: unintentional grant of privileges by umount http://marc.info/?l=bugtraq&m=112656096125857&w=2 DSA-823 http://www.debian.org/security/2005/dsa-823 DSA-825 http://www.debian.org/security/2005/dsa-825 FLSA:168326 http://www.securityfocus.com/archive/1/419774/100/0/threaded SUSE-SR:2005:021 http://www.novell.com/linux/security/advisories/2005_21_sr.html USN-184 http://www.ubuntu.com/usn/usn-184-1 http://support.avaya.com/elmodocs2/security/ASA-2006-014.htm oval:org.mitre.oval:def:10921 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10921 utillinux-umount-gain-privileges(22241) https://exchange.xforce.ibmcloud.com/vulnerabilities/22241
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com