ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2020.0326
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2020-0326)
Resumen:	The remote host is missing an update for the 'targetcli' package(s) announced via the MGASA-2020-0326 advisory.
Descripción:	Summary: The remote host is missing an update for the 'targetcli' package(s) announced via the MGASA-2020-0326 advisory. Vulnerability Insight: An access flaw was found in targetcli, where the /etc/target and underneath backup directory/files were world-readable. This flaw allows a local attacker to access potentially sensitive information such as authentication credentials from the /etc/target/saveconfig.json and backup files. The highest threat from this vulnerability is to confidentiality (CVE-2020-13867). Affected Software/OS: 'targetcli' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-13867 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LANBGRCCZBPKKBD5ZMJS7C7DYAHYR6B/ https://security.gentoo.org/glsa/202008-22 https://github.com/open-iscsi/targetcli-fb/pull/172 SuSE Security Announcement: openSUSE-SU-2020:1141 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00003.html SuSE Security Announcement: openSUSE-SU-2020:1144 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00005.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.