Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201209-22 (libgssglue)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72456

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201209-22 (libgssglue)

Resumen: The remote host is missing updates announced in;advisory GLSA 201209-22.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 201209-22.

Vulnerability Insight:
A vulnerability in libgssglue may allow a local attacker to gain
escalated privileges.

Solution:
All libgssglue users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-libs/libgssglue-0.4'

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:H/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-2709
45075
http://secunia.com/advisories/45075
48490
http://www.securityfocus.com/bid/48490
50785
http://secunia.com/advisories/50785
50973
http://secunia.com/advisories/50973
FEDORA-2012-7971
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082297.html
FEDORA-2012-8067
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082072.html
SUSE-SU-2011:0696
http://lwn.net/Alerts/449415/
[oss-security] 20110721 CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization
http://www.openwall.com/lists/oss-security/2011/07/21/3
[oss-security] 20110722 Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization
http://www.openwall.com/lists/oss-security/2011/07/22/4
[oss-security] 20110812 Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization
http://www.openwall.com/lists/oss-security/2011/08/12/10
http://www.citi.umich.edu/projects/nfsv4/linux/libgssglue/libgssglue-0.4.tar.gz
https://bugzilla.novell.com/show_bug.cgi?id=694598

Copyright Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72456
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201209-22 (libgssglue)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201209-22.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201209-22. Vulnerability Insight: A vulnerability in libgssglue may allow a local attacker to gain escalated privileges. Solution: All libgssglue users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-libs/libgssglue-0.4' CVSS Score: 6.2 CVSS Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2709 45075 http://secunia.com/advisories/45075 48490 http://www.securityfocus.com/bid/48490 50785 http://secunia.com/advisories/50785 50973 http://secunia.com/advisories/50973 FEDORA-2012-7971 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082297.html FEDORA-2012-8067 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082072.html SUSE-SU-2011:0696 http://lwn.net/Alerts/449415/ [oss-security] 20110721 CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization http://www.openwall.com/lists/oss-security/2011/07/21/3 [oss-security] 20110722 Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization http://www.openwall.com/lists/oss-security/2011/07/22/4 [oss-security] 20110812 Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization http://www.openwall.com/lists/oss-security/2011/08/12/10 http://www.citi.umich.edu/projects/nfsv4/linux/libgssglue/libgssglue-0.4.tar.gz https://bugzilla.novell.com/show_bug.cgi?id=694598
Copyright	Copyright (C) 2012 E-Soft Inc.