Mandrake Local Security Checks : Mandriva Update for automake MDVSA-2012:103 (automake)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.831696

Categoría: Mandrake Local Security Checks

Título: Mandriva Update for automake MDVSA-2012:103 (automake)

Resumen: The remote host is missing an update for the 'automake'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'automake'
package(s) announced via the referenced advisory.

Vulnerability Insight:
A vulnerability has been discovered and corrected in automake:

A race condition in automake (lib/am/distdir.am) could allow a local
attacker to run arbitrary code with the privileges of the user running
make distcheck (CVE-2012-3386).

The updated packages have been patched to correct this issue.

Affected Software/OS:
automake on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2

Solution:
Please Install the Updated Packages.

CVSS Score:
4.4

CVSS Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-3386
FEDORA-2012-14297
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087665.html
FEDORA-2012-14349
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087538.html
FEDORA-2012-14770
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089187.html
MDVSA-2012:103
http://www.mandriva.com/security/advisories?name=MDVSA-2012:103
RHSA-2013:0526
http://rhn.redhat.com/errata/RHSA-2013-0526.html
[automake] 20120709 CVE-2012-3386 Automake security fix for 'make distcheck'
https://lists.gnu.org/archive/html/automake/2012-07/msg00023.html
[automake] 20120709 GNU Automake 1.11.6 released (fixes a SECURITY VULNERABILITY!)
https://lists.gnu.org/archive/html/automake/2012-07/msg00021.html
[automake] 20120709 GNU Automake 1.12.2 released (fixes a SECURITY VULNERABILITY!)
https://lists.gnu.org/archive/html/automake/2012-07/msg00022.html
http://git.savannah.gnu.org/cgit/automake.git/commit/?id=784b3e6ccc7c72a1c95c340cbbe8897d6b689d76
openSUSE-SU-2012:1519
http://lists.opensuse.org/opensuse-updates/2012-11/msg00038.html

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.831696
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for automake MDVSA-2012:103 (automake)
Resumen:	The remote host is missing an update for the 'automake'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'automake' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been discovered and corrected in automake: A race condition in automake (lib/am/distdir.am) could allow a local attacker to run arbitrary code with the privileges of the user running make distcheck (CVE-2012-3386). The updated packages have been patched to correct this issue. Affected Software/OS: automake on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2 Solution: Please Install the Updated Packages. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3386 FEDORA-2012-14297 http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087665.html FEDORA-2012-14349 http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087538.html FEDORA-2012-14770 http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089187.html MDVSA-2012:103 http://www.mandriva.com/security/advisories?name=MDVSA-2012:103 RHSA-2013:0526 http://rhn.redhat.com/errata/RHSA-2013-0526.html [automake] 20120709 CVE-2012-3386 Automake security fix for 'make distcheck' https://lists.gnu.org/archive/html/automake/2012-07/msg00023.html [automake] 20120709 GNU Automake 1.11.6 released (fixes a SECURITY VULNERABILITY!) https://lists.gnu.org/archive/html/automake/2012-07/msg00021.html [automake] 20120709 GNU Automake 1.12.2 released (fixes a SECURITY VULNERABILITY!) https://lists.gnu.org/archive/html/automake/2012-07/msg00022.html http://git.savannah.gnu.org/cgit/automake.git/commit/?id=784b3e6ccc7c72a1c95c340cbbe8897d6b689d76 openSUSE-SU-2012:1519 http://lists.opensuse.org/opensuse-updates/2012-11/msg00038.html
Copyright	Copyright (C) 2012 Greenbone AG