FreeBSD Local Security Checks : FreeBSD Ports: kdebase

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.67294

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: kdebase

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

kdebase
kdebase-workspace

CVE-2010-0436
Race condition in backend/ctrl.c in KDM in KDE Software Compilation
(SC) 2.2.0 through 4.4.2 allows local users to change the permissions
of arbitrary files, and consequently gain privileges, by blocking the
removal of a certain directory that contains a control socket, related
to improper interaction with ksm.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0436
39419
http://secunia.com/advisories/39419
39467
http://www.securityfocus.com/bid/39467
39481
http://secunia.com/advisories/39481
39506
http://secunia.com/advisories/39506
ADV-2010-0879
http://www.vupen.com/english/advisories/2010/0879
DSA-2037
http://www.debian.org/security/2010/dsa-2037
FEDORA-2010-6605
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039533.html
RHSA-2010:0348
http://rhn.redhat.com/errata/RHSA-2010-0348.html
SUSE-SR:2010:009
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html
ftp://ftp.kde.org/pub/kde/security_patches/kdebase-workspace-4.3.5-CVE-2010-0436.diff
http://www.kde.org/info/security/advisory-20100413-1.txt
https://bugzilla.redhat.com/show_bug.cgi?id=570613
kde-kdm-privilege-escalation(57823)
https://exchange.xforce.ibmcloud.com/vulnerabilities/57823
oval:org.mitre.oval:def:9999
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9999

Copyright Copyright (C) 2010 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.67294
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: kdebase
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: kdebase kdebase-workspace CVE-2010-0436 Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0436 39419 http://secunia.com/advisories/39419 39467 http://www.securityfocus.com/bid/39467 39481 http://secunia.com/advisories/39481 39506 http://secunia.com/advisories/39506 ADV-2010-0879 http://www.vupen.com/english/advisories/2010/0879 DSA-2037 http://www.debian.org/security/2010/dsa-2037 FEDORA-2010-6605 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039533.html RHSA-2010:0348 http://rhn.redhat.com/errata/RHSA-2010-0348.html SUSE-SR:2010:009 http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html ftp://ftp.kde.org/pub/kde/security_patches/kdebase-workspace-4.3.5-CVE-2010-0436.diff http://www.kde.org/info/security/advisory-20100413-1.txt https://bugzilla.redhat.com/show_bug.cgi?id=570613 kde-kdm-privilege-escalation(57823) https://exchange.xforce.ibmcloud.com/vulnerabilities/57823 oval:org.mitre.oval:def:9999 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9999
Copyright	Copyright (C) 2010 E-Soft Inc.