ID de Prueba:	1.3.6.1.4.1.25623.1.0.64957
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2009:245 (glib2.0)
Resumen:	The remote host is missing an update to glib2.0;announced via advisory MDVSA-2009:245.
Descripción:	Summary: The remote host is missing an update to glib2.0 announced via advisory MDVSA-2009:245. Vulnerability Insight: A vulnerability was discovered and corrected in glib2.0: The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory (CVE-2009-3289). This update provides a solution to this vulnerability. Affected: 2008.1, 2009.0, 2009.1, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3289 https://bugzilla.gnome.org/show_bug.cgi?id=593406 http://www.openwall.com/lists/oss-security/2009/09/08/8 http://secunia.com/advisories/39656 SuSE Security Announcement: SUSE-SR:2010:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html http://www.vupen.com/english/advisories/2010/1001
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.