Red Hat Local Security Checks : RedHat Security Advisory RHSA-2011:1532

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.70484

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2011:1532

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory RHSA-2011:1532.

Kexec allows for booting a Linux kernel from the context of an already
running kernel.

Kdump used the SSH (Secure Shell) StrictHostKeyChecking=no option when
dumping to SSH targets, causing the target kdump server's SSH host key not
to be checked. This could make it easier for a man-in-the-middle attacker
on the local network to impersonate the kdump SSH target server and
possibly gain access to sensitive information in the vmcore dumps.
(CVE-2011-3588)

mkdumprd created initrd files with world-readable permissions. A local user
could possibly use this flaw to gain access to sensitive information, such
as the private SSH key used to authenticate to a remote server when kdump
was configured to dump to an SSH target. (CVE-2011-3589)

mkdumprd included unneeded sensitive files (such as all files from the
/root/.ssh/ directory and the host's private SSH keys) in the resulting
initrd. This could lead to an information leak when initrd files were
previously created with world-readable permissions. Note: With this update,
only the SSH client configuration, known hosts files, and the SSH key
configured via the newly introduced sshkey option in /etc/kdump.conf are
included in the initrd. The default is the key generated when running the
service kdump propagate command, /root/.ssh/kdump_id_rsa.
(CVE-2011-3590)

Red Hat would like to thank Kevan Carstensen for reporting these issues.

This update also fixes several bugs and adds various enhancements.
Space precludes documenting all of these changes in this advisory.
Documentation for these bug fixes and enhancements will be available
shortly from the Technical Notes document, linked to in the References
section.

All kexec-tools users should upgrade to this updated package, which
contains backported patches to resolve these issues and add these
enhancements.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-1532.html

Risk factor : Medium

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-3588
RHSA-2011:1532
http://rhn.redhat.com/errata/RHSA-2011-1532.html
RHSA-2012:0152
http://rhn.redhat.com/errata/RHSA-2012-0152.html
https://bugzilla.redhat.com/show_bug.cgi?id=716439
Common Vulnerability Exposure (CVE) ID: CVE-2011-3589
Common Vulnerability Exposure (CVE) ID: CVE-2011-3590

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.70484
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2011:1532
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2011:1532. Kexec allows for booting a Linux kernel from the context of an already running kernel. Kdump used the SSH (Secure Shell) StrictHostKeyChecking=no option when dumping to SSH targets, causing the target kdump server's SSH host key not to be checked. This could make it easier for a man-in-the-middle attacker on the local network to impersonate the kdump SSH target server and possibly gain access to sensitive information in the vmcore dumps. (CVE-2011-3588) mkdumprd created initrd files with world-readable permissions. A local user could possibly use this flaw to gain access to sensitive information, such as the private SSH key used to authenticate to a remote server when kdump was configured to dump to an SSH target. (CVE-2011-3589) mkdumprd included unneeded sensitive files (such as all files from the /root/.ssh/ directory and the host's private SSH keys) in the resulting initrd. This could lead to an information leak when initrd files were previously created with world-readable permissions. Note: With this update, only the SSH client configuration, known hosts files, and the SSH key configured via the newly introduced sshkey option in /etc/kdump.conf are included in the initrd. The default is the key generated when running the service kdump propagate command, /root/.ssh/kdump_id_rsa. (CVE-2011-3590) Red Hat would like to thank Kevan Carstensen for reporting these issues. This update also fixes several bugs and adds various enhancements. Space precludes documenting all of these changes in this advisory. Documentation for these bug fixes and enhancements will be available shortly from the Technical Notes document, linked to in the References section. All kexec-tools users should upgrade to this updated package, which contains backported patches to resolve these issues and add these enhancements. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2011-1532.html Risk factor : Medium
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3588 RHSA-2011:1532 http://rhn.redhat.com/errata/RHSA-2011-1532.html RHSA-2012:0152 http://rhn.redhat.com/errata/RHSA-2012-0152.html https://bugzilla.redhat.com/show_bug.cgi?id=716439 Common Vulnerability Exposure (CVE) ID: CVE-2011-3589 Common Vulnerability Exposure (CVE) ID: CVE-2011-3590
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com