Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.62846
Category:Gentoo Local Security Checks
Title:Gentoo Security Advisory GLSA 200812-08 (mgetty)
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory GLSA 200812-08.

Mgetty uses temporary files in an insecure manner, allowing for symlink
attacks.

Solution:
All Mgetty users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-dialup/mgetty-1.1.36-r2'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200812-08
http://bugs.gentoo.org/show_bug.cgi?id=235806

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-4936
BugTraq ID: 30927
http://www.securityfocus.com/bid/30927
http://security.gentoo.org/glsa/glsa-200812-08.xml
http://uvw.ru/report.lenny.txt
http://www.openwall.com/lists/oss-security/2008/10/30/2
http://secunia.com/advisories/33051
XForce ISS Database: mgetty-faxspool-symlink(44833)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44833
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.