Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201203-06 (sudo)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.71190

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201203-06 (sudo)

Resumen: The remote host is missing updates announced in;advisory GLSA 201203-06.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 201203-06.

Vulnerability Insight:
Two vulnerabilities have been discovered in sudo, allowing local
attackers to possibly gain escalated privileges.

Solution:
All sudo users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-admin/sudo-1.8.3_p2'

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0010
BugTraq ID: 45774
http://www.securityfocus.com/bid/45774
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html
http://security.gentoo.org/glsa/glsa-201203-06.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2011:018
http://www.sudo.ws/repos/sudo/rev/07d1b0ce530e
http://openwall.com/lists/oss-security/2011/01/11/3
http://openwall.com/lists/oss-security/2011/01/12/1
http://openwall.com/lists/oss-security/2011/01/12/3
http://www.osvdb.org/70400
http://www.redhat.com/support/errata/RHSA-2011-0599.html
http://secunia.com/advisories/42886
http://secunia.com/advisories/42949
http://secunia.com/advisories/42968
http://secunia.com/advisories/43068
http://secunia.com/advisories/43282
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593654
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://www.ubuntu.com/usn/USN-1046-1
http://www.vupen.com/english/advisories/2011/0089
http://www.vupen.com/english/advisories/2011/0182
http://www.vupen.com/english/advisories/2011/0195
http://www.vupen.com/english/advisories/2011/0199
http://www.vupen.com/english/advisories/2011/0212
http://www.vupen.com/english/advisories/2011/0362
XForce ISS Database: sudo-groupid-privilege-escalation(64636)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64636
Common Vulnerability Exposure (CVE) ID: CVE-2012-0809
http://archives.neohapsis.com/archives/fulldisclosure/2012-01/0591.html
http://archives.neohapsis.com/archives/fulldisclosure/2012-01/att-0591/advisory_sudo.txt

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.71190
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201203-06 (sudo)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201203-06.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201203-06. Vulnerability Insight: Two vulnerabilities have been discovered in sudo, allowing local attackers to possibly gain escalated privileges. Solution: All sudo users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-admin/sudo-1.8.3_p2' CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0010 BugTraq ID: 45774 http://www.securityfocus.com/bid/45774 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html http://security.gentoo.org/glsa/glsa-201203-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2011:018 http://www.sudo.ws/repos/sudo/rev/07d1b0ce530e http://openwall.com/lists/oss-security/2011/01/11/3 http://openwall.com/lists/oss-security/2011/01/12/1 http://openwall.com/lists/oss-security/2011/01/12/3 http://www.osvdb.org/70400 http://www.redhat.com/support/errata/RHSA-2011-0599.html http://secunia.com/advisories/42886 http://secunia.com/advisories/42949 http://secunia.com/advisories/42968 http://secunia.com/advisories/43068 http://secunia.com/advisories/43282 http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593654 SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.ubuntu.com/usn/USN-1046-1 http://www.vupen.com/english/advisories/2011/0089 http://www.vupen.com/english/advisories/2011/0182 http://www.vupen.com/english/advisories/2011/0195 http://www.vupen.com/english/advisories/2011/0199 http://www.vupen.com/english/advisories/2011/0212 http://www.vupen.com/english/advisories/2011/0362 XForce ISS Database: sudo-groupid-privilege-escalation(64636) https://exchange.xforce.ibmcloud.com/vulnerabilities/64636 Common Vulnerability Exposure (CVE) ID: CVE-2012-0809 http://archives.neohapsis.com/archives/fulldisclosure/2012-01/0591.html http://archives.neohapsis.com/archives/fulldisclosure/2012-01/att-0591/advisory_sudo.txt
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com