ID de Prueba:	1.3.6.1.4.1.25623.1.0.58993
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0969
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0969. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. A flaw was discovered in the way that the mount and umount utilities used the setuid and setgid functions, which could lead to privileges being dropped improperly. A local user could use this flaw to run mount helper applications such as, mount.nfs, with additional privileges (CVE-2007-5191). Users are advised to update to these erratum packages which contain a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0969.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : High CVSS Score: 6.9
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5191 BugTraq ID: 25973 http://www.securityfocus.com/bid/25973 Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/485936/100/0/threaded Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/486859/100/0/threaded Debian Security Information: DSA-1449 (Google Search) http://www.debian.org/security/2008/dsa-1449 Debian Security Information: DSA-1450 (Google Search) http://www.debian.org/security/2008/dsa-1450 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html http://security.gentoo.org/glsa/glsa-200710-18.xml http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198 http://lists.vmware.com/pipermail/security-announce/2008/000002.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101 http://www.redhat.com/support/errata/RHSA-2007-0969.html http://www.securitytracker.com/id?1018782 http://secunia.com/advisories/27104 http://secunia.com/advisories/27122 http://secunia.com/advisories/27145 http://secunia.com/advisories/27188 http://secunia.com/advisories/27283 http://secunia.com/advisories/27354 http://secunia.com/advisories/27399 http://secunia.com/advisories/27687 http://secunia.com/advisories/28348 http://secunia.com/advisories/28349 http://secunia.com/advisories/28368 http://secunia.com/advisories/28469 SuSE Security Announcement: SUSE-SR:2007:022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://www.ubuntu.com/usn/usn-533-1 http://www.vupen.com/english/advisories/2007/3417 http://www.vupen.com/english/advisories/2008/0064
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.