Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201201-07 (NX Server NX Node)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.70808

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201201-07 (NX Server NX Node)

Resumen: The remote host is missing updates announced in;advisory GLSA 201201-07.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 201201-07.

Vulnerability Insight:
An unspecified vulnerability in NX Server Free Edition and NX Node
could allow local attackers to gain root privileges.

Solution:
All NX Server Free Edition users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose
'>=net-misc/nxserver-freeedition-3.5.0.5'

All NX Node users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/nxnode-3.5.0.4'

NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since August 23, 2011. It is likely that your system is
already
no longer affected by this issue.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-3977
BugTraq ID: 49720
http://www.securityfocus.com/bid/49720
Bugtraq: 20110921 NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux (Google Search)
http://www.securityfocus.com/archive/1/519730/100/0/threaded
http://securityreason.com/securityalert/8406
XForce ISS Database: nxserver-nxconfigure-priv-escalation(69974)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69974

Copyright Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.70808
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201201-07 (NX Server NX Node)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201201-07.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201201-07. Vulnerability Insight: An unspecified vulnerability in NX Server Free Edition and NX Node could allow local attackers to gain root privileges. Solution: All NX Server Free Edition users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/nxserver-freeedition-3.5.0.5' All NX Node users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/nxnode-3.5.0.4' NOTE: This is a legacy GLSA. Updates for all affected architectures are available since August 23, 2011. It is likely that your system is already no longer affected by this issue. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3977 BugTraq ID: 49720 http://www.securityfocus.com/bid/49720 Bugtraq: 20110921 NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux (Google Search) http://www.securityfocus.com/archive/1/519730/100/0/threaded http://securityreason.com/securityalert/8406 XForce ISS Database: nxserver-nxconfigure-priv-escalation(69974) https://exchange.xforce.ibmcloud.com/vulnerabilities/69974
Copyright	Copyright (C) 2012 E-Soft Inc.