ID de Prueba:	1.3.6.1.4.1.25623.1.0.61785
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200810-02 (portage)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200810-02.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200810-02. Vulnerability Insight: A search path vulnerability in Portage allows local attackers to execute commands with root privileges if emerge is called from untrusted directories. Solution: All Portage users should upgrade to the latest version: # cd /root # emerge --sync # emerge --ask --oneshot --verbose '>=sys-apps/portage-2.1.4.5' NOTE: To upgrade to Portage 2.1.4.5 using 2.1.4.4 or prior, you must run emerge from a trusted working directory, such as '/root'. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4394 BugTraq ID: 31670 http://www.securityfocus.com/bid/31670 http://security.gentoo.org/glsa/glsa-200810-02.xml http://secunia.com/advisories/32228 XForce ISS Database: portage-search-path-priv-escalation(45792) https://exchange.xforce.ibmcloud.com/vulnerabilities/45792
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.