ID de Prueba:	1.3.6.1.4.1.25623.1.0.871215
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for yum-updatesd RHSA-2014:1004-01
Resumen:	The remote host is missing an update for the 'yum-updatesd'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'yum-updatesd' package(s) announced via the referenced advisory. Vulnerability Insight: The yum-updatesd package provides a daemon which checks for available updates and can notify you when they are available via email, syslog, or dbus. It was discovered that yum-updatesd did not properly perform RPM package signature checks. When yum-updatesd was configured to automatically install updates, a remote attacker could use this flaw to install a malicious update on the target system using an unsigned RPM or an RPM signed with an untrusted key. (CVE-2014-0022) All yum-updatesd users are advised to upgrade to this updated package, which contains a backported patch to correct this issue. After installing this update, the yum-updatesd service will be restarted automatically. Affected Software/OS: yum-updatesd on Red Hat Enterprise Linux (v. 5 server) Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0022 56637 http://secunia.com/advisories/56637 65119 http://www.securityfocus.com/bid/65119 http://yum.baseurl.org/gitweb?p=yum.git%3Ba=commitdiff%3Bh=9df69e5794 https://bugzilla.redhat.com/show_bug.cgi?id=1052440 https://bugzilla.redhat.com/show_bug.cgi?id=1057377
Copyright	Copyright (C) 2014 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.