ID de Prueba:	1.3.6.1.4.1.25623.1.0.870720
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for fuse RHSA-2011:1083-01
Resumen:	The remote host is missing an update for the 'fuse'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'fuse' package(s) announced via the referenced advisory. Vulnerability Insight: FUSE (Filesystem in Userspace) can implement a fully functional file system in a user-space program. These packages provide the mount utility, fusermount, the tool used to mount FUSE file systems. Multiple flaws were found in the way fusermount handled the mounting and unmounting of directories when symbolic links were present. A local user in the fuse group could use these flaws to unmount file systems, which they would otherwise not be able to unmount and that were not mounted using FUSE, via a symbolic link attack. (CVE-2010-3879, CVE-2011-0541, CVE-2011-0542, CVE-2011-0543) Note: The util-linux-ng RHBA-2011:0699 update must also be installed to fully correct the above flaws. All users should upgrade to these updated packages, which contain backported patches to correct these issues. Affected Software/OS: fuse on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6) Solution: Please Install the Updated Packages. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3879 20101102 fusermount: Unmount any filesystem http://lists.grok.org.uk/pipermail/full-disclosure/2010-November/077247.html 42961 http://secunia.com/advisories/42961 42965 http://secunia.com/advisories/42965 44623 http://www.securityfocus.com/bid/44623 70520 http://osvdb.org/70520 ADV-2011-0181 http://www.vupen.com/english/advisories/2011/0181 ADV-2011-0302 http://www.vupen.com/english/advisories/2011/0302 FEDORA-2011-0854 http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053792.html MDVSA-2013:155 http://www.mandriva.com/security/advisories?name=MDVSA-2013:155 SUSE-SR:2011:005 http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html USN-1045-1 http://www.ubuntu.com/usn/USN-1045-1 USN-1045-2 http://www.ubuntu.com/usn/USN-1045-2 [oss-security] 20101104 CVE request: fuse http://openwall.com/lists/oss-security/2010/11/04/8 [oss-security] 20101105 Re: CVE request: fuse http://openwall.com/lists/oss-security/2010/11/05/2 fuse-fusermount-tool-dos(62986) https://exchange.xforce.ibmcloud.com/vulnerabilities/62986 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602333 http://www.halfdog.net/Security/FuseTimerace/ https://bugs.launchpad.net/bugs/670622 https://bugzilla.novell.com/show_bug.cgi?id=651598 https://bugzilla.redhat.com/show_bug.cgi?id=651183 Common Vulnerability Exposure (CVE) ID: CVE-2011-0541 [oss-security] 20110201 CVE request: fuse http://www.openwall.com/lists/oss-security/2011/02/02/2 [oss-security] 20110203 Re: CVE request: fuse http://www.openwall.com/lists/oss-security/2011/02/03/5 [oss-security] 20110208 Re: CVE request: fuse http://www.openwall.com/lists/oss-security/2011/02/08/4 http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse%3Ba=commit%3Bh=bf5ffb5fd8558bd799791834def431c0cee5a11f Common Vulnerability Exposure (CVE) ID: CVE-2011-0542 http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse%3Ba=commit%3Bh=1e7607ff89c65b005f69e27aeb1649d624099873 Common Vulnerability Exposure (CVE) ID: CVE-2011-0543 http://fuse.git.sourceforge.net/git/gitweb.cgi?p=fuse/fuse%3Ba=commit%3Bh=cbd3a2a84068aae6e3fe32939d88470d712dbf47
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.