Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200710-15 (KDM)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58676

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200710-15 (KDM)

Resumen: The remote host is missing updates announced in;advisory GLSA 200710-15.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200710-15.

Vulnerability Insight:
KDM allows logins without password under certain circumstances allowing a
local user to gain elevated privileges.

Solution:
All KDM users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=kde-base/kdm-3.5.7-r2'

All kdebase users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=kde-base/kdebase-3.5.7-r4'

CVSS Score:
6.8

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-4569
1018724
http://securitytracker.com/id?1018724
25730
http://www.securityfocus.com/bid/25730
26894
http://secunia.com/advisories/26894
26904
http://secunia.com/advisories/26904
26915
http://secunia.com/advisories/26915
26929
http://secunia.com/advisories/26929
26977
http://secunia.com/advisories/26977
27089
http://secunia.com/advisories/27089
27096
http://secunia.com/advisories/27096
27106
http://secunia.com/advisories/27106
27180
http://secunia.com/advisories/27180
27271
http://secunia.com/advisories/27271
ADV-2007-3227
http://www.vupen.com/english/advisories/2007/3227
DSA-1376
http://www.debian.org/security/2007/dsa-1376
FEDORA-2007-2361
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html
FEDORA-2007-716
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html
GLSA-200710-15
http://security.gentoo.org/glsa/glsa-200710-15.xml
MDKSA-2007:190
http://www.mandriva.com/security/advisories?name=MDKSA-2007:190
RHSA-2007:0905
http://www.redhat.com/support/errata/RHSA-2007-0905.html
SUSE-SR:2007:021
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
USN-517-1
http://www.ubuntu.com/usn/usn-517-1
http://www.kde.org/info/security/advisory-20070919-1.txt
https://issues.rpath.com/browse/RPL-1725
kde-kdm-login-security-bypass(36711)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36711
oval:org.mitre.oval:def:10359
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58676
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200710-15 (KDM)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200710-15.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200710-15. Vulnerability Insight: KDM allows logins without password under certain circumstances allowing a local user to gain elevated privileges. Solution: All KDM users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=kde-base/kdm-3.5.7-r2' All kdebase users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=kde-base/kdebase-3.5.7-r4' CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4569 1018724 http://securitytracker.com/id?1018724 25730 http://www.securityfocus.com/bid/25730 26894 http://secunia.com/advisories/26894 26904 http://secunia.com/advisories/26904 26915 http://secunia.com/advisories/26915 26929 http://secunia.com/advisories/26929 26977 http://secunia.com/advisories/26977 27089 http://secunia.com/advisories/27089 27096 http://secunia.com/advisories/27096 27106 http://secunia.com/advisories/27106 27180 http://secunia.com/advisories/27180 27271 http://secunia.com/advisories/27271 ADV-2007-3227 http://www.vupen.com/english/advisories/2007/3227 DSA-1376 http://www.debian.org/security/2007/dsa-1376 FEDORA-2007-2361 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00022.html FEDORA-2007-716 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00084.html GLSA-200710-15 http://security.gentoo.org/glsa/glsa-200710-15.xml MDKSA-2007:190 http://www.mandriva.com/security/advisories?name=MDKSA-2007:190 RHSA-2007:0905 http://www.redhat.com/support/errata/RHSA-2007-0905.html SUSE-SR:2007:021 http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html USN-517-1 http://www.ubuntu.com/usn/usn-517-1 http://www.kde.org/info/security/advisory-20070919-1.txt https://issues.rpath.com/browse/RPL-1725 kde-kdm-login-security-bypass(36711) https://exchange.xforce.ibmcloud.com/vulnerabilities/36711 oval:org.mitre.oval:def:10359 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10359
Copyright	Copyright (C) 2008 E-Soft Inc.