Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2011-1005)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.122120

Category: Oracle Linux Local Security Checks

Title: Oracle: Security Advisory (ELSA-2011-1005)

Summary: The remote host is missing an update for the 'sysstat' package(s) announced via the ELSA-2011-1005 advisory.

Description: Summary:
The remote host is missing an update for the 'sysstat' package(s) announced via the ELSA-2011-1005 advisory.

Vulnerability Insight:
[7.0.2-11]
- Related: #716959
fix cve-2007-3852 - sysstat insecure temporary file usage

[7.0.2-10]
- Resolves: #716959
fix cve-2007-3852 - sysstat insecure temporary file usage

[7.0.2-9]
- Related: #622557
sar interrupt count goes backward

[7.0.2-8]
- Resolves: #694767
iostat doesn't report statistics for shares with long names
- Related: #703095
iostat -n - values in output overflows - problem with long device names on
i386

[7.0.2-7]
- Resolves: #706095
iostat -n - values in output overflows

[7.0.2-6]
- Resolves: #696672
cifsstat resource leak

[7.0.2-5]
- Resolves: #604637
extraneous newline in iostat report for long device names
- Resolves: #630559
'sar -P ALL -f xxxx' does not display activity information
- Resolves: #591530
add cifsiostat tool
- Resolves: #598794
Enable parametrization of sadc arguments
- Resolves: #675058
iostat: bogus value appears when device is unmounted/mounted
- Resolves: #622557
sar interrupt count goes backward

[7.0.2-4]
- Resolves: #454617
Though function write() executed successful, sadc end with an error
- Resolves: #468340
The output of sar -I ALL/XALL is wrong in ia64 machine of RHEL5
- Resolves: #517490
The 'sar -d ' command outputs invalid data
- Resolves: #578929
March sar data was appended to February data
- Resolves: #579409
The sysstat's programs such as mpstat shows one extra cpu
- Resolves: #484439
iostat -n enhancement not report NFS client stats correctly

Affected Software/OS:
'sysstat' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
4.4

CVSS Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-3852
25380
http://www.securityfocus.com/bid/25380
26527
http://secunia.com/advisories/26527
39709
http://osvdb.org/39709
RHSA-2011:1005
http://www.redhat.com/support/errata/RHSA-2011-1005.html
https://bugs.gentoo.org/show_bug.cgi?id=188808
sysstat-init-privilege-escalation(36045)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36045

Copyright Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.122120
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2011-1005)
Summary:	The remote host is missing an update for the 'sysstat' package(s) announced via the ELSA-2011-1005 advisory.
Description:	Summary: The remote host is missing an update for the 'sysstat' package(s) announced via the ELSA-2011-1005 advisory. Vulnerability Insight: [7.0.2-11] - Related: #716959 fix cve-2007-3852 - sysstat insecure temporary file usage [7.0.2-10] - Resolves: #716959 fix cve-2007-3852 - sysstat insecure temporary file usage [7.0.2-9] - Related: #622557 sar interrupt count goes backward [7.0.2-8] - Resolves: #694767 iostat doesn't report statistics for shares with long names - Related: #703095 iostat -n - values in output overflows - problem with long device names on i386 [7.0.2-7] - Resolves: #706095 iostat -n - values in output overflows [7.0.2-6] - Resolves: #696672 cifsstat resource leak [7.0.2-5] - Resolves: #604637 extraneous newline in iostat report for long device names - Resolves: #630559 'sar -P ALL -f xxxx' does not display activity information - Resolves: #591530 add cifsiostat tool - Resolves: #598794 Enable parametrization of sadc arguments - Resolves: #675058 iostat: bogus value appears when device is unmounted/mounted - Resolves: #622557 sar interrupt count goes backward [7.0.2-4] - Resolves: #454617 Though function write() executed successful, sadc end with an error - Resolves: #468340 The output of sar -I ALL/XALL is wrong in ia64 machine of RHEL5 - Resolves: #517490 The 'sar -d ' command outputs invalid data - Resolves: #578929 March sar data was appended to February data - Resolves: #579409 The sysstat's programs such as mpstat shows one extra cpu - Resolves: #484439 iostat -n enhancement not report NFS client stats correctly Affected Software/OS: 'sysstat' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3852 25380 http://www.securityfocus.com/bid/25380 26527 http://secunia.com/advisories/26527 39709 http://osvdb.org/39709 RHSA-2011:1005 http://www.redhat.com/support/errata/RHSA-2011-1005.html https://bugs.gentoo.org/show_bug.cgi?id=188808 sysstat-init-privilege-escalation(36045) https://exchange.xforce.ibmcloud.com/vulnerabilities/36045
Copyright	Copyright (C) 2015 Greenbone AG