 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.57247 |
| Categoría: | Red Hat Local Security Checks |
| Título: | RedHat Security Advisory RHSA-2006:0582 |
| Resumen: | NOSUMMARY |
| Descripción: | Description: The remote host is missing updates announced in advisory RHSA-2006:0582. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include the file manager Konqueror. Ilja van Sprundel discovered a lock file handling flaw in kcheckpass. If the directory /var/lock is writable by a user who is allowed to run kcheckpass, that user could gain root privileges. In Red Hat Enterprise Linux, the /var/lock directory is not writable by users and therefore this flaw could only have been exploited if the permissions on that directory have been badly configured. A patch to block this issue has been included in this update. (CVE-2005-2494) The following bugs have also been addressed: - - kstart --tosystray does not send the window to the system tray in Kicker - - When the customer enters or selects URLs in Firefox's address field, the desktop freezes for a couple of seconds - - fish kioslave is broken on 64-bit systems All users of kdebase should upgrade to these updated packages, which contain patches to resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2006-0582.html http://www.redhat.com/security/updates/classification/#low Risk factor : High CVSS Score: 7.2 |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2005-2494 14736 http://www.securityfocus.com/bid/14736 16692 http://secunia.com/advisories/16692 18139 http://secunia.com/advisories/18139 20050905 [KDE Security Advisory] kcheckpass local root vulnerability http://marc.info/?l=bugtraq&m=112603999215453&w=2 20050907 [ Suresec Advisories ] - Kcheckpass file creation vulnerability http://marc.info/?l=bugtraq&m=112611555928169&w=2 21481 http://secunia.com/advisories/21481 DSA-815 http://www.debian.org/security/2005/dsa-815 MDKSA-2005:160 http://www.mandriva.com/security/advisories?name=MDKSA-2005:160 RHSA-2006:0582 http://www.redhat.com/support/errata/RHSA-2006-0582.html USN-176-1 http://www.ubuntu.com/usn/usn-176-1 ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff http://www.kde.org/info/security/advisory-20050905-1.txt http://www.suresec.org/advisories/adv6.pdf oval:org.mitre.oval:def:9388 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9388 |
| Copyright | Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |