Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2011-1536)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.122040

Category: Oracle Linux Local Security Checks

Title: Oracle: Security Advisory (ELSA-2011-1536)

Summary: The remote host is missing an update for the 'sos' package(s) announced via the ELSA-2011-1536 advisory.

Description: Summary:
The remote host is missing an update for the 'sos' package(s) announced via the ELSA-2011-1536 advisory.

Vulnerability Insight:
[2.2-17.0.1.el6]
- Direct traceroute to linux.oracle.com (John Haxby) [orabug 11713272]
- Allow '-' in ticket (SR) numbers (John Haxby)
- Disable --upload option as it will not work with Oracle support
- Check oraclelinux-release instead of redhat-release to get OS version (John Haxby) [bug 11681869]
- Remove RH ftp URL and support email
- add sos-oracle-enterprise.patch

[2.2-17]
- Do not collect subscription manager keys in general plugin
Resolves: bz750607

[2.2-16]
- Fix execution of RHN hardware.py from hardware plugin
Resolves: bz736718
- Fix hardware plugin to support new lsusb path
Resolves: bz691477

[2.2-15]
- Fix brctl collection when a bridge contains no interfaces
Resolves: bz697899
- Fix up2dateclient path in hardware plugin
Resolves: bz736718

[2.2-14]
- Collect brctl show and showstp output
Resolves: bz697899
- Collect nslcd.conf in ldap plugin
Resolves: bz682124

[2.2-11]
- Truncate files that exceed specified size limit
Resolves: bz683219
- Add support for collecting Red Hat Subscrition Manager configuration
Resolves: bz714293
- Collect /etc/init on systems using upstart
Resolves: bz694813
- Don't strip whitespace from output of external programs
Resolves: bz713449
- Collect ipv6 neighbour table in network module
Resolves: bz721163
- Collect basic cgroups configuration data
Resolves: bz729455

[2.2-10]
- Fix collection of data from LVM2 reporting tools in devicemapper plugin
Resolves: bz704383
- Add /proc/vmmemctl collection to vmware plugin
Resolves: bz709491

[2.2-9]
- Collect yum repository list by default
Resolves: bz600813
- Add basic Infiniband plugin
Resolves: bz673244
- Add plugin for scsi-target-utils iSCSI target
Resolves: bz677124
- Fix autofs plugin LC_ALL usage
Resolves: bz683404
- Fix collection of lsusb and add collection of -t and -v outputs
Resolves: bz691477
- Extend data collection by qpidd plugin
Resolves: bz726360
- Add ethtool pause, coalesce and ring (-a, -c, -g) options to network plugin
Resolves: bz726427

Affected Software/OS:
'sos' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-4083
RHSA-2011:1536
http://rhn.redhat.com/errata/RHSA-2011-1536.html
RHSA-2012:0153
http://rhn.redhat.com/errata/RHSA-2012-0153.html

Copyright Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.122040
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2011-1536)
Summary:	The remote host is missing an update for the 'sos' package(s) announced via the ELSA-2011-1536 advisory.
Description:	Summary: The remote host is missing an update for the 'sos' package(s) announced via the ELSA-2011-1536 advisory. Vulnerability Insight: [2.2-17.0.1.el6] - Direct traceroute to linux.oracle.com (John Haxby) [orabug 11713272] - Allow '-' in ticket (SR) numbers (John Haxby) - Disable --upload option as it will not work with Oracle support - Check oraclelinux-release instead of redhat-release to get OS version (John Haxby) [bug 11681869] - Remove RH ftp URL and support email - add sos-oracle-enterprise.patch [2.2-17] - Do not collect subscription manager keys in general plugin Resolves: bz750607 [2.2-16] - Fix execution of RHN hardware.py from hardware plugin Resolves: bz736718 - Fix hardware plugin to support new lsusb path Resolves: bz691477 [2.2-15] - Fix brctl collection when a bridge contains no interfaces Resolves: bz697899 - Fix up2dateclient path in hardware plugin Resolves: bz736718 [2.2-14] - Collect brctl show and showstp output Resolves: bz697899 - Collect nslcd.conf in ldap plugin Resolves: bz682124 [2.2-11] - Truncate files that exceed specified size limit Resolves: bz683219 - Add support for collecting Red Hat Subscrition Manager configuration Resolves: bz714293 - Collect /etc/init on systems using upstart Resolves: bz694813 - Don't strip whitespace from output of external programs Resolves: bz713449 - Collect ipv6 neighbour table in network module Resolves: bz721163 - Collect basic cgroups configuration data Resolves: bz729455 [2.2-10] - Fix collection of data from LVM2 reporting tools in devicemapper plugin Resolves: bz704383 - Add /proc/vmmemctl collection to vmware plugin Resolves: bz709491 [2.2-9] - Collect yum repository list by default Resolves: bz600813 - Add basic Infiniband plugin Resolves: bz673244 - Add plugin for scsi-target-utils iSCSI target Resolves: bz677124 - Fix autofs plugin LC_ALL usage Resolves: bz683404 - Fix collection of lsusb and add collection of -t and -v outputs Resolves: bz691477 - Extend data collection by qpidd plugin Resolves: bz726360 - Add ethtool pause, coalesce and ring (-a, -c, -g) options to network plugin Resolves: bz726427 Affected Software/OS: 'sos' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4083 RHSA-2011:1536 http://rhn.redhat.com/errata/RHSA-2011-1536.html RHSA-2012:0153 http://rhn.redhat.com/errata/RHSA-2012-0153.html
Copyright	Copyright (C) 2015 Greenbone AG