Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200611-03 (nvidia-drivers)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57916

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200611-03 (nvidia-drivers)

Resumen: The remote host is missing updates announced in;advisory GLSA 200611-03.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200611-03.

Vulnerability Insight:
The NVIDIA binary graphics driver is vulnerable to a local privilege
escalation through an X session.

Solution:
NVIDIA binary graphics driver users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose
'>=x11-drivers/nvidia-drivers-1.0.8776'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-5379
BugTraq ID: 20559
http://www.securityfocus.com/bid/20559
Bugtraq: 20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux (Google Search)
http://www.securityfocus.com/archive/1/448860/100/0/threaded
Bugtraq: 20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability (Google Search)
http://www.securityfocus.com/archive/1/451329/100/0/threaded
CERT/CC vulnerability note: VU#147252
http://www.kb.cert.org/vuls/id/147252
http://security.gentoo.org/glsa/glsa-200611-03.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:007
http://download2.rapid7.com/r7-0025/
http://download2.rapid7.com/r7-0025/nv_exploit.c
http://www.rapid7.com/advisories/R7-0025.jsp
http://securitytracker.com/id?1017072
http://secunia.com/advisories/22419
http://secunia.com/advisories/22676
http://secunia.com/advisories/22730
http://secunia.com/advisories/22764
http://secunia.com/advisories/23678
http://securityreason.com/securityalert/1742
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1
http://www.ubuntu.com/usn/usn-377-1
http://www.vupen.com/english/advisories/2006/4053
http://www.vupen.com/english/advisories/2006/4328
XForce ISS Database: nvidia-linux-driver-bo(29622)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29622

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57916
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200611-03 (nvidia-drivers)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200611-03.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200611-03. Vulnerability Insight: The NVIDIA binary graphics driver is vulnerable to a local privilege escalation through an X session. Solution: NVIDIA binary graphics driver users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=x11-drivers/nvidia-drivers-1.0.8776' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5379 BugTraq ID: 20559 http://www.securityfocus.com/bid/20559 Bugtraq: 20061016 Rapid7 Advisory R7-0025: Buffer Overflow in NVIDIA Binary Graphics Driver For Linux (Google Search) http://www.securityfocus.com/archive/1/448860/100/0/threaded Bugtraq: 20061113 Re: [ GLSA 200611-03 ] NVIDIA binary graphics driver: Privilege escalation vulnerability (Google Search) http://www.securityfocus.com/archive/1/451329/100/0/threaded CERT/CC vulnerability note: VU#147252 http://www.kb.cert.org/vuls/id/147252 http://security.gentoo.org/glsa/glsa-200611-03.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:007 http://download2.rapid7.com/r7-0025/ http://download2.rapid7.com/r7-0025/nv_exploit.c http://www.rapid7.com/advisories/R7-0025.jsp http://securitytracker.com/id?1017072 http://secunia.com/advisories/22419 http://secunia.com/advisories/22676 http://secunia.com/advisories/22730 http://secunia.com/advisories/22764 http://secunia.com/advisories/23678 http://securityreason.com/securityalert/1742 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1 http://www.ubuntu.com/usn/usn-377-1 http://www.vupen.com/english/advisories/2006/4053 http://www.vupen.com/english/advisories/2006/4328 XForce ISS Database: nvidia-linux-driver-bo(29622) https://exchange.xforce.ibmcloud.com/vulnerabilities/29622
Copyright	Copyright (C) 2008 E-Soft Inc.