ID de Prueba:	1.3.6.1.4.1.25623.1.0.64798
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:1321
Resumen:	The remote host is missing updates to nfs-utils announced in;advisory RHSA-2009:1321.;;It was discovered that nfs-utils did not use tcp_wrappers correctly.;Certain hosts access rules defined in /etc/hosts.allow and;/etc/hosts.deny may not have been honored, possibly allowing remote;attackers to bypass intended access restrictions. (CVE-2008-4552)
Descripción:	Summary: The remote host is missing updates to nfs-utils announced in advisory RHSA-2009:1321. It was discovered that nfs-utils did not use tcp_wrappers correctly. Certain hosts access rules defined in /etc/hosts.allow and /etc/hosts.deny may not have been honored, possibly allowing remote attackers to bypass intended access restrictions. (CVE-2008-4552) Solution: Install the update. After installing the update, the nfs service will be restarted automatically. Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4552 20081030 rPSA-2008-0307-1 nfs-client nfs-server nfs-utils http://www.securityfocus.com/archive/1/497935/100/0/threaded 31823 http://www.securityfocus.com/bid/31823 32346 http://secunia.com/advisories/32346 32481 http://secunia.com/advisories/32481 33006 http://secunia.com/advisories/33006 36538 http://secunia.com/advisories/36538 38794 http://secunia.com/advisories/38794 38833 http://secunia.com/advisories/38833 ADV-2010-0528 http://www.vupen.com/english/advisories/2010/0528 MDVSA-2009:060 http://www.mandriva.com/security/advisories?name=MDVSA-2009:060 RHSA-2009:1321 http://www.redhat.com/support/errata/RHSA-2009-1321.html USN-687-1 http://www.ubuntu.com/usn/USN-687-1 [oss-security] 20120719 CVE Request: quota: incorrect use of tcp_wrappers http://www.openwall.com/lists/oss-security/2012/07/19/2 [oss-security] 20120719 Re: CVE Request: quota: incorrect use of tcp_wrappers http://www.openwall.com/lists/oss-security/2012/07/19/5 [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates http://lists.vmware.com/pipermail/security-announce/2010/000082.html http://wiki.rpath.com/Advisories:rPSA-2008-0307 https://bugzilla.redhat.com/show_bug.cgi?id=458676 nfsutils-hostctl-security-bypass(45895) https://exchange.xforce.ibmcloud.com/vulnerabilities/45895 oval:org.mitre.oval:def:11544 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11544 oval:org.mitre.oval:def:8325 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8325
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.