ID de Prueba:	1.3.6.1.4.1.25623.1.0.64801
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:1341
Resumen:	The remote host is missing updates announced in;advisory RHSA-2009:1341.;;The Cluster Manager (cman) utility provides services for managing a Linux;cluster.;;Multiple insecure temporary file use flaws were found in fence_apc_snmp and;ccs_tool. A local attacker could use these flaws to overwrite an arbitrary;file writable by a victim running those utilities (typically root) with;the output of the utilities via a symbolic link attack. (CVE-2008-4579,;CVE-2008-6552);;Users of cman are advised to upgrade to these updated packages, which;resolve these issues.
Descripción:	Summary: The remote host is missing updates announced in advisory RHSA-2009:1341. The Cluster Manager (cman) utility provides services for managing a Linux cluster. Multiple insecure temporary file use flaws were found in fence_apc_snmp and ccs_tool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities (typically root) with the output of the utilities via a symbolic link attack. (CVE-2008-4579, CVE-2008-6552) Users of cman are advised to upgrade to these updated packages, which resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4579 31904 http://www.securityfocus.com/bid/31904 32387 http://secunia.com/advisories/32387 32390 http://secunia.com/advisories/32390 36530 http://secunia.com/advisories/36530 43362 http://secunia.com/advisories/43362 ADV-2011-0419 http://www.vupen.com/english/advisories/2011/0419 FEDORA-2008-9042 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html RHSA-2009:1341 http://www.redhat.com/support/errata/RHSA-2009-1341.html RHSA-2011:0266 http://www.redhat.com/support/errata/RHSA-2011-0266.html USN-875-1 http://www.ubuntu.com/usn/USN-875-1 [oss-security] 20081013 Re: CVE Request http://www.openwall.com/lists/oss-security/2008/10/13/3 http://bugs.gentoo.org/show_bug.cgi?id=240576 https://bugzilla.redhat.com/show_bug.cgi?id=467386 oval:org.mitre.oval:def:10799 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10799 Common Vulnerability Exposure (CVE) ID: CVE-2008-6552 BugTraq ID: 32179 http://www.securityfocus.com/bid/32179 http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html http://osvdb.org/50299 http://osvdb.org/50300 http://osvdb.org/50301 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11404 RedHat Security Advisories: RHSA-2009:1337 http://rhn.redhat.com/errata/RHSA-2009-1337.html http://www.redhat.com/support/errata/RHSA-2009-1339.html http://www.redhat.com/support/errata/RHSA-2011-0264.html http://www.redhat.com/support/errata/RHSA-2011-0265.html http://secunia.com/advisories/32602 http://secunia.com/advisories/32616 http://secunia.com/advisories/36555 http://secunia.com/advisories/43367 http://secunia.com/advisories/43372 http://www.vupen.com/english/advisories/2011/0416 http://www.vupen.com/english/advisories/2011/0417 XForce ISS Database: clusterproject-unspecified-priv-escalation(46412) https://exchange.xforce.ibmcloud.com/vulnerabilities/46412
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.