Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200606-07 (vixie-cron)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56930

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200606-07 (vixie-cron)

Resumen: The remote host is missing updates announced in;advisory GLSA 200606-07.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200606-07.

Vulnerability Insight:
Vixie Cron allows local users to execute programs as root.

Solution:
All Vixie Cron users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=sys-process/vixie-cron-4.1-r9'

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-2607
BugTraq ID: 18108
http://www.securityfocus.com/bid/18108
Bugtraq: 20060525 rPSA-2006-0082-1 vixie-cron (Google Search)
http://www.securityfocus.com/archive/1/435033/100/0/threaded
http://security.gentoo.org/glsa/glsa-200606-07.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10213
http://www.redhat.com/support/errata/RHSA-2006-0539.html
http://securitytracker.com/id?1016480
http://secunia.com/advisories/20380
http://secunia.com/advisories/20388
http://secunia.com/advisories/20616
http://secunia.com/advisories/21032
http://secunia.com/advisories/21702
http://secunia.com/advisories/35318
SuSE Security Announcement: SUSE-SA:2006:027 (Google Search)
http://www.novell.com/linux/security/advisories/2006-05-32.html
https://usn.ubuntu.com/778-1/
http://www.vupen.com/english/advisories/2006/2075
XForce ISS Database: vixie-cron-docommand-gain-privilege(26691)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26691

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56930
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200606-07 (vixie-cron)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200606-07.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200606-07. Vulnerability Insight: Vixie Cron allows local users to execute programs as root. Solution: All Vixie Cron users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=sys-process/vixie-cron-4.1-r9' CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2607 BugTraq ID: 18108 http://www.securityfocus.com/bid/18108 Bugtraq: 20060525 rPSA-2006-0082-1 vixie-cron (Google Search) http://www.securityfocus.com/archive/1/435033/100/0/threaded http://security.gentoo.org/glsa/glsa-200606-07.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10213 http://www.redhat.com/support/errata/RHSA-2006-0539.html http://securitytracker.com/id?1016480 http://secunia.com/advisories/20380 http://secunia.com/advisories/20388 http://secunia.com/advisories/20616 http://secunia.com/advisories/21032 http://secunia.com/advisories/21702 http://secunia.com/advisories/35318 SuSE Security Announcement: SUSE-SA:2006:027 (Google Search) http://www.novell.com/linux/security/advisories/2006-05-32.html https://usn.ubuntu.com/778-1/ http://www.vupen.com/english/advisories/2006/2075 XForce ISS Database: vixie-cron-docommand-gain-privilege(26691) https://exchange.xforce.ibmcloud.com/vulnerabilities/26691
Copyright	Copyright (C) 2008 E-Soft Inc.