ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2013.0331
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2013-0331)
Resumen:	The remote host is missing an update for the 'pmake' package(s) announced via the MGASA-2013-0331 advisory.
Descripción:	Summary: The remote host is missing an update for the 'pmake' package(s) announced via the MGASA-2013-0331 advisory. Vulnerability Insight: Updated pmake package fixes security vulnerability: The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and earlier, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related to bsd.lib.mk and bsd.prog.mk (CVE-2011-1920). Affected Software/OS: 'pmake' package(s) on Mageia 2, Mageia 3. Solution: Please install the updated package(s). CVSS Score: 3.3 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1920 47878 http://www.securityfocus.com/bid/47878 [oss-security] 20110516 CVE Request -- pmake -- Use of insecure temporary file for 'depend' target http://openwall.com/lists/oss-security/2011/05/16/2 [oss-security] 20110516 Re: CVE Request -- pmake -- Use of insecure temporary file for 'depend' target http://openwall.com/lists/oss-security/2011/05/16/8 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626673 http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.lib.mk.diff?r1=1.239&r2=1.240&f=h http://cvsweb.netbsd.org/bsdweb.cgi/src/share/mk/bsd.prog.mk.diff?r1=1.192&r2=1.193&f=h https://bugzilla.redhat.com/show_bug.cgi?id=705090 https://bugzilla.redhat.com/show_bug.cgi?id=705100 pmake-depend-symlink(67495) https://exchange.xforce.ibmcloud.com/vulnerabilities/67495
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.