ID de Prueba:	1.3.6.1.4.1.25623.1.0.56741
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:083 (gdm)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to gdm announced via advisory MDKSA-2006:083. A race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file. Packages have been patched to correct this issue. Affected: 2006.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:083 Risk factor : Medium CVSS Score: 3.7
Referencia Cruzada:	BugTraq ID: 17635 Common Vulnerability Exposure (CVE) ID: CVE-2006-1057 17635 http://www.securityfocus.com/bid/17635 ADV-2006-1465 http://www.vupen.com/english/advisories/2006/1465 DSA-1040 http://www.debian.org/security/2006/dsa-1040 FEDORA-2006-338 https://www.redhat.com/archives/fedora-announce-list/2006-April/msg00160.html MDKSA-2006:083 http://www.mandriva.com/security/advisories?name=MDKSA-2006:083 RHSA-2007:0286 http://www.redhat.com/support/errata/RHSA-2007-0286.html USN-278-1 https://usn.ubuntu.com/278-1/ gdm-slavec-symlink(26092) https://exchange.xforce.ibmcloud.com/vulnerabilities/26092 http://cvs.gnome.org/viewcvs/gdm2/daemon/slave.c?r1=1.260&r2=1.261 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188303 oval:org.mitre.oval:def:10092 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10092
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.