Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200902-01 (sudo)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63335

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200902-01 (sudo)

Resumen: The remote host is missing updates announced in;advisory GLSA 200902-01.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200902-01.

Vulnerability Insight:
A vulnerability in sudo may allow for privilege escalation.

Solution:
All sudo users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-admin/sudo-1.7.0'

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-0034
1021688
http://www.securitytracker.com/id?1021688
20090129 rPSA-2009-0021-1 sudo
http://www.securityfocus.com/archive/1/500546/100/0/threaded
20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl
http://www.securityfocus.com/archive/1/504849/100/0/threaded
33517
http://www.securityfocus.com/bid/33517
33753
http://secunia.com/advisories/33753
33840
http://secunia.com/advisories/33840
33885
http://secunia.com/advisories/33885
35766
http://secunia.com/advisories/35766
51736
http://osvdb.org/51736
ADV-2009-1865
http://www.vupen.com/english/advisories/2009/1865
MDVSA-2009:033
http://www.mandriva.com/security/advisories?name=MDVSA-2009:033
RHSA-2009:0267
http://www.redhat.com/support/errata/RHSA-2009-0267.html
[Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl
http://lists.vmware.com/pipermail/security-announce/2009/000060.html
http://wiki.rpath.com/Advisories:rPSA-2009-0021
http://www.gratisoft.us/bugzilla/show_bug.cgi?id=327
http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c.diff?r1=1.160.2.21&r2=1.160.2.22&f=h
http://www.vmware.com/security/advisories/VMSA-2009-0009.html
https://bugzilla.novell.com/show_bug.cgi?id=468923
https://issues.rpath.com/browse/RPL-2954
oval:org.mitre.oval:def:10856
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10856
oval:org.mitre.oval:def:6462
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6462

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63335
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200902-01 (sudo)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200902-01.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200902-01. Vulnerability Insight: A vulnerability in sudo may allow for privilege escalation. Solution: All sudo users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-admin/sudo-1.7.0' CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0034 1021688 http://www.securitytracker.com/id?1021688 20090129 rPSA-2009-0021-1 sudo http://www.securityfocus.com/archive/1/500546/100/0/threaded 20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl http://www.securityfocus.com/archive/1/504849/100/0/threaded 33517 http://www.securityfocus.com/bid/33517 33753 http://secunia.com/advisories/33753 33840 http://secunia.com/advisories/33840 33885 http://secunia.com/advisories/33885 35766 http://secunia.com/advisories/35766 51736 http://osvdb.org/51736 ADV-2009-1865 http://www.vupen.com/english/advisories/2009/1865 MDVSA-2009:033 http://www.mandriva.com/security/advisories?name=MDVSA-2009:033 RHSA-2009:0267 http://www.redhat.com/support/errata/RHSA-2009-0267.html [Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl http://lists.vmware.com/pipermail/security-announce/2009/000060.html http://wiki.rpath.com/Advisories:rPSA-2009-0021 http://www.gratisoft.us/bugzilla/show_bug.cgi?id=327 http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c.diff?r1=1.160.2.21&r2=1.160.2.22&f=h http://www.vmware.com/security/advisories/VMSA-2009-0009.html https://bugzilla.novell.com/show_bug.cgi?id=468923 https://issues.rpath.com/browse/RPL-2954 oval:org.mitre.oval:def:10856 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10856 oval:org.mitre.oval:def:6462 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6462
Copyright	Copyright (C) 2009 E-Soft Inc.