ID de Prueba:	1.3.6.1.4.1.25623.1.0.71557
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201206-31 (pam)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201206-31.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201206-31. Vulnerability Insight: Multiple vulnerabilities have been found in Linux-PAM, allowing local attackers to possibly gain escalated privileges, cause a Denial of Service, corrupt data, or obtain sensitive information. Solution: All Linux-PAM users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=sys-libs/pam-1.1.5' NOTE: This is a legacy GLSA. Updates for all affected architectures are available since November 25, 2011. It is likely that your system is already no longer affected by this issue. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3316 20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. http://www.securityfocus.com/archive/1/516909/100/0/threaded 49711 http://secunia.com/advisories/49711 ADV-2011-0606 http://www.vupen.com/english/advisories/2011/0606 GLSA-201206-31 http://security.gentoo.org/glsa/glsa-201206-31.xml MDVSA-2010:220 http://www.mandriva.com/security/advisories?name=MDVSA-2010:220 RHSA-2010:0819 http://www.redhat.com/support/errata/RHSA-2010-0819.html RHSA-2010:0891 http://www.redhat.com/support/errata/RHSA-2010-0891.html [oss-security] 20100816 Minor security flaw with pam_xauth http://openwall.com/lists/oss-security/2010/08/16/2 [oss-security] 20100921 Re: Minor security flaw with pam_xauth http://openwall.com/lists/oss-security/2010/09/21/3 http://openwall.com/lists/oss-security/2010/09/21/8 [oss-security] 20100924 Re: Minor security flaw with pam_xauth http://www.openwall.com/lists/oss-security/2010/09/24/2 [oss-security] 20100927 Re: Minor security flaw with pam_xauth http://openwall.com/lists/oss-security/2010/09/27/4 http://openwall.com/lists/oss-security/2010/09/27/5 [oss-security] 20100928 Re: Minor security flaw with pam_xauth http://openwall.com/lists/oss-security/2010/09/27/10 http://openwall.com/lists/oss-security/2010/09/27/7 [oss-security] 20101025 Re: Minor security flaw with pam_xauth http://openwall.com/lists/oss-security/2010/10/25/2 [security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm http://lists.vmware.com/pipermail/security-announce/2011/000126.html http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6 http://www.vmware.com/security/advisories/VMSA-2011-0004.html https://bugzilla.redhat.com/show_bug.cgi?id=637898 https://sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663 Common Vulnerability Exposure (CVE) ID: CVE-2010-3430 http://openwall.com/lists/oss-security/2010/09/21/10 http://openwall.com/lists/oss-security/2010/09/21/9 http://www.openwall.com/lists/oss-security/2010/09/21/11 [oss-security] 20101004 Re: Minor security flaw with pam_xauth http://openwall.com/lists/oss-security/2010/10/03/1 http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=843807a3a90f52e7538be756616510730a24739a https://bugzilla.redhat.com/show_bug.cgi?id=641361 Common Vulnerability Exposure (CVE) ID: CVE-2010-3431 Common Vulnerability Exposure (CVE) ID: CVE-2010-3435 http://openwall.com/lists/oss-security/2010/09/27/8 https://bugzilla.redhat.com/show_bug.cgi?id=641335 Common Vulnerability Exposure (CVE) ID: CVE-2010-3853 http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_namespace/pam_namespace.c?view=log#rev1.13 https://bugzilla.redhat.com/show_bug.cgi?id=643043 Common Vulnerability Exposure (CVE) ID: CVE-2010-4706 BugTraq ID: 46045 http://www.securityfocus.com/bid/46045 XForce ISS Database: linuxpam-pamsmclosesession-weak-security(65035) https://exchange.xforce.ibmcloud.com/vulnerabilities/65035 Common Vulnerability Exposure (CVE) ID: CVE-2010-4707 XForce ISS Database: linuxpam-checkacl-dos(65036) https://exchange.xforce.ibmcloud.com/vulnerabilities/65036 Common Vulnerability Exposure (CVE) ID: CVE-2010-4708 BugTraq ID: 46046 http://www.securityfocus.com/bid/46046 XForce ISS Database: linuxpam-pamenv-priv-escalation(65037) https://exchange.xforce.ibmcloud.com/vulnerabilities/65037 Common Vulnerability Exposure (CVE) ID: CVE-2011-3148 http://secunia.com/advisories/46583 http://www.ubuntu.com/usn/USN-1237-1 Common Vulnerability Exposure (CVE) ID: CVE-2011-3149
Copyright	Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.