Test ID:	1.3.6.1.4.1.25623.1.0.54239
Category:	Trustix Local Security Checks
Title:	Trustix Security Advisory TSLSA-2002-0064 (util-linux)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory TSLSA-2002-0064. The chfn feature of the util-linux package shipped with all versions of TSL suffers from a locally exploitable file locking problem. With some interference from the system administrator a attacker could gain escalated privilegies. As a result of upgrading the some what old TSL 1.1 release, the bash packages for TSL 1.1 are also updated. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2002-0638 to this issue. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2002-0064 Risk factor : High CVSS Score: 6.2
Cross-Ref:	BugTraq ID: 5344 Common Vulnerability Exposure (CVE) ID: CVE-2002-0638 http://www.securityfocus.com/bid/5344 Bugtraq: 20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability (Google Search) http://marc.info/?l=bugtraq&m=102795787713996&w=2 Bugtraq: 20020730 TSLSA-2002-0064 - util-linux (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html Caldera Security Advisory: CSSA-2002-043.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt CERT/CC vulnerability note: VU#405955 http://www.kb.cert.org/vuls/id/405955 Conectiva Linux advisory: CLA-2002:523 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523 HPdes Security Advisory: HPSBTL0207-054 http://online.securityfocus.com/advisories/4320 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php http://www.osvdb.org/5164 RedHat Security Advisories: RHSA-2002:132 http://rhn.redhat.com/errata/RHSA-2002-132.html http://www.redhat.com/support/errata/RHSA-2002-137.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html http://www.iss.net/security_center/static/9709.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.