
Test ID: 1.3.6.1.4.1.25623.1.0.60958
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2008:0061
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory RHSA-2008:0061.

The setroubleshoot packages provide tools to help diagnose SELinux
problems. When AVC messages occur, an alert is generated that gives
information about the problem, and how to create a resolution.

A flaw was found in the way sealert wrote diagnostic messages to a
temporary file. A local unprivileged user could perform a symbolic link
attack, and cause arbitrary files, writable by other users, to be
overwritten when a victim runs sealert. (CVE-2007-5495)

A flaw was found in the way sealert displayed records from the
setroubleshoot database as unescaped HTML. A local unprivileged attacker
could cause AVC denial events with carefully crafted process or file names,
injecting arbitrary HTML tags into the logs, which could be used as a
scripting attack, or to confuse the user running sealert. (CVE-2007-5496)

Users of setroubleshoot are advised to upgrade to these updated packages,
which resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0061.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : Medium

CVSS Score:
4.4

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2007-5495
1020077
http://securitytracker.com/id?1020077
29320
http://www.securityfocus.com/bid/29320
30339
http://secunia.com/advisories/30339
RHSA-2008:0061
http://www.redhat.com/support/errata/RHSA-2008-0061.html
https://bugzilla.redhat.com/show_bug.cgi?id=288221
oval:org.mitre.oval:def:9705
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9705
setroubleshoot-sealert-symlink(42591)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42591

Common Vulnerability Exposure (CVE) ID: CVE-2007-5496
1020078
http://securitytracker.com/id?1020078
29324
http://www.securityfocus.com/bid/29324
https://bugzilla.redhat.com/show_bug.cgi?id=288271
oval:org.mitre.oval:def:10455
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10455
setroubleshoot-sealert-avc-xss(42592)
https://exchange.xforce.ibmcloud.com/vulnerabilities/42592

Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

© 1998-2025 E-Soft Inc. All rights reserved.