ID de Prueba:	1.3.6.1.4.1.25623.1.0.64067
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:1077
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates to the kernel announced in advisory RHSA-2009:1077. This update includes backported fixes for two approved security issues. These issues only affected users of Red Hat Enterprise Linux 4.7 Extended Update Support, as they have already been addressed for users of Red Hat Enterprise Linux 4 in the 4.8 update, RHSA-2009:1024. * the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important) * the Linux kernel implementation of the Network File System (NFS) version 4 did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFSv4 share. (CVE-2009-1336, Moderate) Users should upgrade to these updated packages, which contain backported patches to correct these issues. For this update to take effect, the system must be rebooted. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2009-1077.html http://www.redhat.com/security/updates/classification/#important CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1336 BugTraq ID: 34390 http://www.securityfocus.com/bid/34390 Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded Debian Security Information: DSA-1794 (Google Search) http://www.debian.org/security/2009/dsa-1794 http://www.openwall.com/lists/oss-security/2009/04/06/1 http://www.openwall.com/lists/oss-security/2009/04/17/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10859 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8495 RedHat Security Advisories: RHSA-2009:0473 http://rhn.redhat.com/errata/RHSA-2009-0473.html http://www.redhat.com/support/errata/RHSA-2009-1024.html http://www.redhat.com/support/errata/RHSA-2009-1077.html http://www.securitytracker.com/id?1022176 http://secunia.com/advisories/35011 http://secunia.com/advisories/35015 http://secunia.com/advisories/35160 http://secunia.com/advisories/35324 http://secunia.com/advisories/35656 http://secunia.com/advisories/37471 http://www.ubuntu.com/usn/usn-793-1 http://www.vupen.com/english/advisories/2009/3316 Common Vulnerability Exposure (CVE) ID: CVE-2009-1337 BugTraq ID: 34405 http://www.securityfocus.com/bid/34405 Bugtraq: 20090516 rPSA-2009-0084-1 kernel (Google Search) http://www.securityfocus.com/archive/1/503610/100/0/threaded Bugtraq: 20100625 VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel (Google Search) http://www.securityfocus.com/archive/1/512019/100/0/threaded Debian Security Information: DSA-1787 (Google Search) http://www.debian.org/security/2009/dsa-1787 Debian Security Information: DSA-1800 (Google Search) http://www.debian.org/security/2009/dsa-1800 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01126.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:119 http://www.mandriva.com/security/advisories?name=MDVSA-2009:135 http://marc.info/?l=linux-kernel&m=123560588713763&w=2 http://www.openwall.com/lists/oss-security/2009/04/07/1 http://www.openwall.com/lists/oss-security/2009/04/17/3 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10919 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11206 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8295 http://www.redhat.com/support/errata/RHSA-2009-0451.html RedHat Security Advisories: RHSA-2009:1550 https://rhn.redhat.com/errata/RHSA-2009-1550.html http://www.securitytracker.com/id?1022141 http://secunia.com/advisories/34917 http://secunia.com/advisories/34981 http://secunia.com/advisories/35120 http://secunia.com/advisories/35121 http://secunia.com/advisories/35185 http://secunia.com/advisories/35226 http://secunia.com/advisories/35387 http://secunia.com/advisories/35390 http://secunia.com/advisories/35394 SuSE Security Announcement: SUSE-SA:2009:028 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html SuSE Security Announcement: SUSE-SA:2009:030 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html SuSE Security Announcement: SUSE-SA:2009:031 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html SuSE Security Announcement: SUSE-SA:2009:032 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.