Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200903-39 (pam

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63694

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200903-39 (pam_krb5)

Resumen: The remote host is missing updates announced in;advisory GLSA 200903-39.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200903-39.

Vulnerability Insight:
Two vulnerabilities in pam_krb5 might allow local users to elevate their
privileges or overwrite arbitrary files.

Solution:
All pam_krb5 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=sys-auth/pam_krb5-3.12'

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:H/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-0360
BugTraq ID: 33740
http://www.securityfocus.com/bid/33740
Bugtraq: 20090211 pam-krb5 security advisory (3.12 and earlier) (Google Search)
http://www.securityfocus.com/archive/1/500892/100/0/threaded
Debian Security Information: DSA-1721 (Google Search)
http://www.debian.org/security/2009/dsa-1721
http://security.gentoo.org/glsa/glsa-200903-39.xml
http://www.eyrie.org/~eagle/software/pam-krb5/security/2009-02-11.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5669
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5732
http://securitytracker.com/id?1021711
http://secunia.com/advisories/33914
http://secunia.com/advisories/33917
http://secunia.com/advisories/34260
http://secunia.com/advisories/34449
http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1
http://www.ubuntu.com/usn/USN-719-1
http://www.vupen.com/english/advisories/2009/0410
http://www.vupen.com/english/advisories/2009/0426
http://www.vupen.com/english/advisories/2009/0979
Common Vulnerability Exposure (CVE) ID: CVE-2009-0361
BugTraq ID: 33741
http://www.securityfocus.com/bid/33741
Debian Security Information: DSA-1722 (Google Search)
http://www.debian.org/security/2009/dsa-1722
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5403
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5521
http://secunia.com/advisories/33918

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63694
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200903-39 (pam_krb5)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200903-39.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200903-39. Vulnerability Insight: Two vulnerabilities in pam_krb5 might allow local users to elevate their privileges or overwrite arbitrary files. Solution: All pam_krb5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=sys-auth/pam_krb5-3.12' CVSS Score: 6.2 CVSS Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0360 BugTraq ID: 33740 http://www.securityfocus.com/bid/33740 Bugtraq: 20090211 pam-krb5 security advisory (3.12 and earlier) (Google Search) http://www.securityfocus.com/archive/1/500892/100/0/threaded Debian Security Information: DSA-1721 (Google Search) http://www.debian.org/security/2009/dsa-1721 http://security.gentoo.org/glsa/glsa-200903-39.xml http://www.eyrie.org/~eagle/software/pam-krb5/security/2009-02-11.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5669 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5732 http://securitytracker.com/id?1021711 http://secunia.com/advisories/33914 http://secunia.com/advisories/33917 http://secunia.com/advisories/34260 http://secunia.com/advisories/34449 http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1 http://www.ubuntu.com/usn/USN-719-1 http://www.vupen.com/english/advisories/2009/0410 http://www.vupen.com/english/advisories/2009/0426 http://www.vupen.com/english/advisories/2009/0979 Common Vulnerability Exposure (CVE) ID: CVE-2009-0361 BugTraq ID: 33741 http://www.securityfocus.com/bid/33741 Debian Security Information: DSA-1722 (Google Search) http://www.debian.org/security/2009/dsa-1722 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5403 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5521 http://secunia.com/advisories/33918
Copyright	Copyright (C) 2009 E-Soft Inc.