ID de Prueba:	1.3.6.1.4.1.25623.1.0.69610
Categoría:	CentOS Local Security Checks
Título:	CentOS Security Advisory CESA-2011:0412 (glibc)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates to glibc announced in advisory CESA-2011:0412. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. http://www.securityspace.com/smysecure/catid.html?in=CESA-2011:0412 http://www.securityspace.com/smysecure/catid.html?in=RHSA-2011:0412 https://rhn.redhat.com/errata/RHSA-2011-0412.html Risk factor : High CVSS Score: 7.2
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0296 1024043 http://securitytracker.com/id?1024043 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console http://www.securityfocus.com/archive/1/520102/100/0/threaded 20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series http://seclists.org/fulldisclosure/2019/Jun/18 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series https://seclists.org/bugtraq/2019/Jun/14 39900 http://secunia.com/advisories/39900 43830 http://secunia.com/advisories/43830 46397 http://secunia.com/advisories/46397 ADV-2010-1246 http://www.vupen.com/english/advisories/2010/1246 ADV-2011-0863 http://www.vupen.com/english/advisories/2011/0863 DSA-2058 http://www.debian.org/security/2010/dsa-2058 GLSA-201011-01 http://security.gentoo.org/glsa/glsa-201011-01.xml MDVSA-2010:111 http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 MDVSA-2010:112 http://www.mandriva.com/security/advisories?name=MDVSA-2010:112 RHSA-2011:0412 http://www.redhat.com/support/errata/RHSA-2011-0412.html SUSE-SA:2010:052 https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html USN-944-1 http://www.ubuntu.com/usn/USN-944-1 gnuclibrary-encodenamemacro-dos(59240) https://exchange.xforce.ibmcloud.com/vulnerabilities/59240 http://frugalware.org/security/662 http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ab00f4eac8f4932211259ff87be83144f5211540 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=559579 Common Vulnerability Exposure (CVE) ID: CVE-2011-0536 1025289 http://securitytracker.com/id?1025289 43989 http://secunia.com/advisories/43989 DSA-2122-2 http://lists.debian.org/debian-security-announce/2011/msg00005.html MDVSA-2011:178 http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 RHSA-2011:0413 http://www.redhat.com/support/errata/RHSA-2011-0413.html USN-1009-2 http://www.ubuntu.com/usn/USN-1009-2 [oss-security] 20110203 CVE request: glibc CVE-2010-3847 fix regression http://openwall.com/lists/oss-security/2011/02/01/3 [oss-security] 20110203 Re: CVE request: glibc CVE-2010-3847 fix regression http://openwall.com/lists/oss-security/2011/02/03/2 http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699 https://bugzilla.redhat.com/show_bug.cgi?id=667974 https://launchpad.net/bugs/701783 oval:org.mitre.oval:def:13086 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086 Common Vulnerability Exposure (CVE) ID: CVE-2011-1071 1025290 http://securitytracker.com/id?1025290 20110224 glibc and alloca() http://seclists.org/fulldisclosure/2011/Feb/635 20110226 Re: glibc and alloca() http://seclists.org/fulldisclosure/2011/Feb/644 43492 http://secunia.com/advisories/43492 46563 http://www.securityfocus.com/bid/46563 8175 http://securityreason.com/securityalert/8175 [oss-security] 20110228 Re: cve request: eglibc memory corruption http://openwall.com/lists/oss-security/2011/02/28/11 http://openwall.com/lists/oss-security/2011/02/28/15 [oss-security] 20110228 cve request: eglibc memory corruption http://openwall.com/lists/oss-security/2011/02/26/3 http://bugs.debian.org/615120 http://code.google.com/p/chromium/issues/detail?id=48733 http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html http://sourceware.org/bugzilla/show_bug.cgi?id=11883 http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=f15ce4d8dc139523fe0c273580b604b2453acba6 https://bugzilla.redhat.com/show_bug.cgi?id=681054 oval:org.mitre.oval:def:12853 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12853 Common Vulnerability Exposure (CVE) ID: CVE-2011-1095 1025286 http://securitytracker.com/id?1025286 43976 http://secunia.com/advisories/43976 [oss-security] 20110308 Re: glibc locale escaping issue http://openwall.com/lists/oss-security/2011/03/08/21 http://openwall.com/lists/oss-security/2011/03/08/22 [oss-security] 20110308 glibc locale escaping issue http://openwall.com/lists/oss-security/2011/03/08/8 http://bugs.gentoo.org/show_bug.cgi?id=330923 http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904 http://sourceware.org/bugzilla/show_bug.cgi?id=11904 http://sourceware.org/git/?p=glibc.git%3Ba=patch%3Bh=026373745eab50a683536d950cb7e17dc98c4259 https://bugzilla.redhat.com/show_bug.cgi?id=625893 oval:org.mitre.oval:def:12272 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272 Common Vulnerability Exposure (CVE) ID: CVE-2010-3847 20101018 The GNU C library dynamic linker expands $ORIGIN in setuid library search path http://seclists.org/fulldisclosure/2010/Oct/257 20101019 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path http://seclists.org/fulldisclosure/2010/Oct/292 20101020 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path http://seclists.org/fulldisclosure/2010/Oct/294 20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap http://www.securityfocus.com/archive/1/515545/100/0/threaded 42787 http://secunia.com/advisories/42787 44024 https://www.exploit-db.com/exploits/44024/ 44025 https://www.exploit-db.com/exploits/44025/ 44154 http://www.securityfocus.com/bid/44154 ADV-2011-0025 http://www.vupen.com/english/advisories/2011/0025 DSA-2122 http://www.debian.org/security/2010/dsa-2122 MDVSA-2010:207 http://www.mandriva.com/security/advisories?name=MDVSA-2010:207 RHSA-2010:0787 https://rhn.redhat.com/errata/RHSA-2010-0787.html RHSA-2010:0872 http://www.redhat.com/support/errata/RHSA-2010-0872.html USN-1009-1 http://www.ubuntu.com/usn/USN-1009-1 VU#537223 http://www.kb.cert.org/vuls/id/537223 [libc-hacker] 20101018 [PATCH] Never expand $ORIGIN in privileged programs http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html http://support.avaya.com/css/P8/documents/100120941 http://www.vmware.com/security/advisories/VMSA-2011-0001.html https://bugzilla.redhat.com/show_bug.cgi?id=643306
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.