Test ID:	1.3.6.1.4.1.25623.1.0.54960
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200506-08 (GNU shtool)
Summary:	The remote host is missing updates announced in;advisory GLSA 200506-08.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200506-08. Vulnerability Insight: GNU shtool and ocaml-mysql are vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files. Solution: All GNU shtool users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-util/shtool-2.0.1-r2' All ocaml-mysql users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-ml/ocaml-mysql-1.0.3-r1' CVSS Score: 3.7 CVSS Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1751 BugTraq ID: 13767 http://www.securityfocus.com/bid/13767 Debian Security Information: DSA-789 (Google Search) http://www.debian.org/security/2005/dsa-789 http://www.gentoo.org/security/en/glsa/glsa-200506-08.xml http://bugs.gentoo.org/show_bug.cgi?id=93782 http://www.zataz.net/adviso/shtool-05252005.txt http://marc.info/?l=bugtraq&m=111955937622637&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A345 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9639 http://www.redhat.com/support/errata/RHSA-2005-564.html http://securitytracker.com/id?1014059 http://secunia.com/advisories/15496 http://secunia.com/advisories/15668 Common Vulnerability Exposure (CVE) ID: CVE-2005-1759
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.