ID de Prueba:	1.3.6.1.4.1.25623.1.0.63895
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2009-111-01)
Resumen:	The remote host is missing an update for the 'udev' package(s) announced via the SSA:2009-111-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'udev' package(s) announced via the SSA:2009-111-01 advisory. Vulnerability Insight: New udev packages are available for Slackware 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. The udev packages in Slackware 10.2, 11.0, 12.0, 12.1, 12.2, and -current contained a local root hole vulnerability: [link moved to references] The udev packages in Slackware 12.0, 12.1, 12.2, and -current had an integer overflow which could result in a denial of service: [link moved to references] Note that udev is only used with 2.6 kernels, which are not used by default with Slackware 10.2 and 11.0. Here are the details from the Slackware 12.2 ChangeLog: +--------------------------+ patches/packages/udev-141-i486-1_slack12.2.tgz: Upgraded to udev-141. This upgrade fixes a local root hole and a denial of service issue. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'udev' package(s) on Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1185 1022067 http://www.securitytracker.com/id?1022067 20090417 rPSA-2009-0063-1 udev http://www.securityfocus.com/archive/1/502752/100/0/threaded 20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl http://www.securityfocus.com/archive/1/504849/100/0/threaded 34536 http://www.securityfocus.com/bid/34536 34731 http://secunia.com/advisories/34731 34750 http://secunia.com/advisories/34750 34753 http://secunia.com/advisories/34753 34771 http://secunia.com/advisories/34771 34776 http://secunia.com/advisories/34776 34785 http://secunia.com/advisories/34785 34787 http://secunia.com/advisories/34787 34801 http://secunia.com/advisories/34801 35766 http://secunia.com/advisories/35766 8572 https://www.exploit-db.com/exploits/8572 ADV-2009-1053 http://www.vupen.com/english/advisories/2009/1053 ADV-2009-1865 http://www.vupen.com/english/advisories/2009/1865 DSA-1772 http://www.debian.org/security/2009/dsa-1772 FEDORA-2009-3711 https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html FEDORA-2009-3712 https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html GLSA-200904-18 http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml MDVSA-2009:103 http://www.mandriva.com/security/advisories?name=MDVSA-2009:103 MDVSA-2009:104 http://www.mandriva.com/security/advisories?name=MDVSA-2009:104 RHSA-2009:0427 http://www.redhat.com/support/errata/RHSA-2009-0427.html SSA:2009-111-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399 SUSE-SA:2009:020 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html SUSE-SA:2009:025 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00012.html USN-758-1 http://www.ubuntu.com/usn/usn-758-1 [Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl http://lists.vmware.com/pipermail/security-announce/2009/000060.html http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e2b362d9f23d4c63018709ab5f81a02f72b91e75 http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e86a923d508c2aed371cdd958ce82489cf2ab615 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://wiki.rpath.com/Advisories:rPSA-2009-0063 http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063 http://www.vmware.com/security/advisories/VMSA-2009-0009.html https://bugzilla.redhat.com/show_bug.cgi?id=495051 https://launchpad.net/bugs/cve/2009-1185 oval:org.mitre.oval:def:10925 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10925 oval:org.mitre.oval:def:5975 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5975 Common Vulnerability Exposure (CVE) ID: CVE-2009-1186 1022068 http://www.securitytracker.com/id?1022068 34539 http://www.securityfocus.com/bid/34539 http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=662c3110803bd8c1aedacc36788e6fd028944314 https://bugzilla.redhat.com/show_bug.cgi?id=495052 https://launchpad.net/bugs/cve/2009-1186
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.