CentOS Local Security Checks : CentOS Security Advisory CESA-2010:0361 (sudo)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.67516

Categoría: CentOS Local Security Checks

Título: CentOS Security Advisory CESA-2010:0361 (sudo)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates to sudo announced in
advisory CESA-2010:0361.

For details on the issues addressed in this update,
please visit the referenced security advisories.

Solution:
Update the appropriate packages on your system.

http://www.securityspace.com/smysecure/catid.html?in=CESA-2010:0361
http://www.securityspace.com/smysecure/catid.html?in=RHSA-2010:0361
https://rhn.redhat.com/errata/RHSA-2010-0361.html

Risk factor : High

CVSS Score:
6.9

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-1163
20100419 sudoedit local privilege escalation through PATH manipulation
http://www.securityfocus.com/archive/1/510827/100/0/threaded
20100420 Re: sudoedit local privilege escalation through PATH manipulation
http://www.securityfocus.com/archive/1/510846/100/0/threaded
20100422 Re: sudoedit local privilege escalation through PATH manipulation
http://www.securityfocus.com/archive/1/510880/100/0/threaded
20101027 rPSA-2010-0075-1 sudo
http://www.securityfocus.com/archive/1/514489/100/0/threaded
39384
http://secunia.com/advisories/39384
39399
http://secunia.com/advisories/39399
39468
http://www.securityfocus.com/bid/39468
39474
http://secunia.com/advisories/39474
39543
http://secunia.com/advisories/39543
43068
http://secunia.com/advisories/43068
63878
http://www.osvdb.org/63878
ADV-2010-0881
http://www.vupen.com/english/advisories/2010/0881
ADV-2010-0895
http://www.vupen.com/english/advisories/2010/0895
ADV-2010-0904
http://www.vupen.com/english/advisories/2010/0904
ADV-2010-0949
http://www.vupen.com/english/advisories/2010/0949
ADV-2010-0956
http://www.vupen.com/english/advisories/2010/0956
ADV-2010-1019
http://www.vupen.com/english/advisories/2010/1019
ADV-2011-0212
http://www.vupen.com/english/advisories/2011/0212
FEDORA-2010-6756
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039986.html
MDVSA-2010:078
http://www.mandriva.com/security/advisories?name=MDVSA-2010:078
RHSA-2010:0361
http://www.redhat.com/support/errata/RHSA-2010-0361.html
SSA:2010-110-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019
SUSE-SR:2011:002
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
USN-928-1
http://www.ubuntu.com/usn/USN-928-1
http://wiki.rpath.com/Advisories:rPSA-2010-0075
http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html
oval:org.mitre.oval:def:9382
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9382
sudo-sudoefit-privilege-escalation(57836)
https://exchange.xforce.ibmcloud.com/vulnerabilities/57836
Common Vulnerability Exposure (CVE) ID: CVE-2010-0426
1023658
http://securitytracker.com/id?1023658
38362
http://www.securityfocus.com/bid/38362
38659
http://secunia.com/advisories/38659
38762
http://secunia.com/advisories/38762
38795
http://secunia.com/advisories/38795
38803
http://secunia.com/advisories/38803
38915
http://secunia.com/advisories/38915
ADV-2010-0450
http://www.vupen.com/english/advisories/2010/0450
DSA-2006
http://www.debian.org/security/2010/dsa-2006
FEDORA-2010-6701
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html
FEDORA-2010-6749
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html
GLSA-201003-01
http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml
MDVSA-2010:049
http://www.mandriva.com/security/advisories?name=MDVSA-2010:049
SUSE-SR:2010:006
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
USN-905-1
http://www.ubuntu.com/usn/USN-905-1
ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737
http://sudo.ws/bugs/show_bug.cgi?id=389
http://sudo.ws/repos/sudo/rev/88f3181692fe
http://sudo.ws/repos/sudo/rev/f86e1b56d074
http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/
http://www.sudo.ws/sudo/stable.html
oval:org.mitre.oval:def:10814
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814
oval:org.mitre.oval:def:7238
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238

Copyright Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.67516
Categoría:	CentOS Local Security Checks
Título:	CentOS Security Advisory CESA-2010:0361 (sudo)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates to sudo announced in advisory CESA-2010:0361. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. http://www.securityspace.com/smysecure/catid.html?in=CESA-2010:0361 http://www.securityspace.com/smysecure/catid.html?in=RHSA-2010:0361 https://rhn.redhat.com/errata/RHSA-2010-0361.html Risk factor : High CVSS Score: 6.9
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1163 20100419 sudoedit local privilege escalation through PATH manipulation http://www.securityfocus.com/archive/1/510827/100/0/threaded 20100420 Re: sudoedit local privilege escalation through PATH manipulation http://www.securityfocus.com/archive/1/510846/100/0/threaded 20100422 Re: sudoedit local privilege escalation through PATH manipulation http://www.securityfocus.com/archive/1/510880/100/0/threaded 20101027 rPSA-2010-0075-1 sudo http://www.securityfocus.com/archive/1/514489/100/0/threaded 39384 http://secunia.com/advisories/39384 39399 http://secunia.com/advisories/39399 39468 http://www.securityfocus.com/bid/39468 39474 http://secunia.com/advisories/39474 39543 http://secunia.com/advisories/39543 43068 http://secunia.com/advisories/43068 63878 http://www.osvdb.org/63878 ADV-2010-0881 http://www.vupen.com/english/advisories/2010/0881 ADV-2010-0895 http://www.vupen.com/english/advisories/2010/0895 ADV-2010-0904 http://www.vupen.com/english/advisories/2010/0904 ADV-2010-0949 http://www.vupen.com/english/advisories/2010/0949 ADV-2010-0956 http://www.vupen.com/english/advisories/2010/0956 ADV-2010-1019 http://www.vupen.com/english/advisories/2010/1019 ADV-2011-0212 http://www.vupen.com/english/advisories/2011/0212 FEDORA-2010-6756 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039986.html MDVSA-2010:078 http://www.mandriva.com/security/advisories?name=MDVSA-2010:078 RHSA-2010:0361 http://www.redhat.com/support/errata/RHSA-2010-0361.html SSA:2010-110-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.577019 SUSE-SR:2011:002 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html USN-928-1 http://www.ubuntu.com/usn/USN-928-1 http://wiki.rpath.com/Advisories:rPSA-2010-0075 http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html oval:org.mitre.oval:def:9382 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9382 sudo-sudoefit-privilege-escalation(57836) https://exchange.xforce.ibmcloud.com/vulnerabilities/57836 Common Vulnerability Exposure (CVE) ID: CVE-2010-0426 1023658 http://securitytracker.com/id?1023658 38362 http://www.securityfocus.com/bid/38362 38659 http://secunia.com/advisories/38659 38762 http://secunia.com/advisories/38762 38795 http://secunia.com/advisories/38795 38803 http://secunia.com/advisories/38803 38915 http://secunia.com/advisories/38915 ADV-2010-0450 http://www.vupen.com/english/advisories/2010/0450 DSA-2006 http://www.debian.org/security/2010/dsa-2006 FEDORA-2010-6701 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040578.html FEDORA-2010-6749 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040588.html GLSA-201003-01 http://www.gentoo.org/security/en/glsa/glsa-201003-01.xml MDVSA-2010:049 http://www.mandriva.com/security/advisories?name=MDVSA-2010:049 SUSE-SR:2010:006 http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html USN-905-1 http://www.ubuntu.com/usn/USN-905-1 ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p21.patch.gz http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570737 http://sudo.ws/bugs/show_bug.cgi?id=389 http://sudo.ws/repos/sudo/rev/88f3181692fe http://sudo.ws/repos/sudo/rev/f86e1b56d074 http://www.linuxquestions.org/questions/linux-security-4/the-use-of-sudoedit-command-question-785442/ http://www.sudo.ws/sudo/stable.html oval:org.mitre.oval:def:10814 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10814 oval:org.mitre.oval:def:7238 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7238
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com