ID de Prueba:	1.3.6.1.4.1.25623.1.0.60811
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200804-11 (policyd-weight)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200804-11.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200804-11. Vulnerability Insight: policyd-weight uses temporary files in an insecure manner, allowing for a symlink attack. Solution: All policyd-weight users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-filter/policyd-weight-0.1.14.17' This version changes the default path for sockets to '/var/run/policyd-weight', which is only writable by a privileged user. Users need to restart policyd-weight immediately after the upgrade due to this change. CVSS Score: 3.3 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1569 BugTraq ID: 28480 http://www.securityfocus.com/bid/28480 Debian Security Information: DSA-1531 (Google Search) http://www.debian.org/security/2008/dsa-1531 http://security.gentoo.org/glsa/glsa-200804-11.xml http://www.osvdb.org/43888 http://secunia.com/advisories/29553 http://secunia.com/advisories/29738 XForce ISS Database: policydweight-sockets-symlink(41565) https://exchange.xforce.ibmcloud.com/vulnerabilities/41565
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.