
Test ID: 1.3.6.1.4.1.25623.1.0.63828
Category: Red Hat Local Security Checks
Title: RedHat Security Advisory RHSA-2009:0427
Description:
Summary:
The remote host is missing updates announced in
advisory RHSA-2009:0427.

udev provides a user-space API and implements a dynamic device directory,
providing only the devices present on the system. udev replaces devfs in
order to provide greater hot plug functionality. Netlink is a datagram
oriented service, used to transfer information between kernel modules and
user-space processes.

It was discovered that udev did not properly check the origin of Netlink
messages. A local attacker could use this flaw to gain root privileges via
a crafted Netlink message sent to udev, causing it to create a
world-writable block device file for an existing system block device (for
example, the root file system). (CVE-2009-1185)

Red Hat would like to thank Sebastian Krahmer of the SUSE Security Team for
responsibly reporting this flaw.

Users of udev are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, the udevd daemon will be restarted automatically.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2009-1185
1022067
http://www.securitytracker.com/id?1022067
20090417 rPSA-2009-0063-1 udev
http://www.securityfocus.com/archive/1/502752/100/0/threaded
20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl
http://www.securityfocus.com/archive/1/504849/100/0/threaded
34536
http://www.securityfocus.com/bid/34536
34731
http://secunia.com/advisories/34731
34750
http://secunia.com/advisories/34750
34753
http://secunia.com/advisories/34753
34771
http://secunia.com/advisories/34771
34776
http://secunia.com/advisories/34776
34785
http://secunia.com/advisories/34785
34787
http://secunia.com/advisories/34787
34801
http://secunia.com/advisories/34801
35766
http://secunia.com/advisories/35766
8572
https://www.exploit-db.com/exploits/8572
ADV-2009-1053
http://www.vupen.com/english/advisories/2009/1053
ADV-2009-1865
http://www.vupen.com/english/advisories/2009/1865
DSA-1772
http://www.debian.org/security/2009/dsa-1772
FEDORA-2009-3711
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html
FEDORA-2009-3712
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html
GLSA-200904-18
http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml
MDVSA-2009:103
http://www.mandriva.com/security/advisories?name=MDVSA-2009:103
MDVSA-2009:104
http://www.mandriva.com/security/advisories?name=MDVSA-2009:104
RHSA-2009:0427
http://www.redhat.com/support/errata/RHSA-2009-0427.html
SSA:2009-111-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399
SUSE-SA:2009:020
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html
SUSE-SA:2009:025
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00012.html
USN-758-1
http://www.ubuntu.com/usn/usn-758-1
[Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl
http://lists.vmware.com/pipermail/security-announce/2009/000060.html
http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e2b362d9f23d4c63018709ab5f81a02f72b91e75
http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e86a923d508c2aed371cdd958ce82489cf2ab615
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://wiki.rpath.com/Advisories:rPSA-2009-0063
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063
http://www.vmware.com/security/advisories/VMSA-2009-0009.html
https://bugzilla.redhat.com/show_bug.cgi?id=495051
https://launchpad.net/bugs/cve/2009-1185
oval:org.mitre.oval:def:10925
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10925
oval:org.mitre.oval:def:5975
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5975
Copyright: Copyright (C) 2009 E-Soft Inc.
