Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.53933
Kategorie:Slackware Local Security Checks
Titel:Slackware Advisory SSA:2004-124-01 rsync update
Zusammenfassung:The remote host is missing an update as announced;via advisory SSA:2004-124-01.
Beschreibung:Summary:
The remote host is missing an update as announced
via advisory SSA:2004-124-01.

Vulnerability Insight:
New rsync packages are available for Slackware 8.1, 9.0, 9.1, and -current to
fix a security issue. When running an rsync server without the chroot option
it is possible for an attacker to write outside of the allowed directory.
Any sites running rsync in that mode should upgrade right away (and should
probably look into using the chroot option as well).

Solution:
Upgrade to the new package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Querverweis: BugTraq ID: 10247
Common Vulnerability Exposure (CVE) ID: CVE-2004-0426
http://www.securityfocus.com/bid/10247
Bugtraq: 20040521 [OpenPKG-SA-2004.025] OpenPKG Security Advisory (rsync) (Google Search)
http://marc.info/?l=bugtraq&m=108515912212018&w=2
Computer Incident Advisory Center Bulletin: O-134
http://www.ciac.org/ciac/bulletins/o-134.shtml
Computer Incident Advisory Center Bulletin: O-212
http://www.ciac.org/ciac/bulletins/o-212.shtml
Debian Security Information: DSA-499 (Google Search)
http://www.debian.org/security/2004/dsa-499
http://www.gentoo.org/security/en/glsa/glsa-200407-10.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:042
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9495
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A967
http://www.redhat.com/support/errata/RHSA-2004-192.html
http://secunia.com/advisories/11514
http://secunia.com/advisories/11515
http://secunia.com/advisories/11523
http://secunia.com/advisories/11537
http://secunia.com/advisories/11583
http://secunia.com/advisories/11669
http://secunia.com/advisories/11688
http://secunia.com/advisories/11993
http://secunia.com/advisories/12054
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.403462
http://www.trustix.net/errata/misc/2004/TSL-2004-0024-rsync.asc.txt
XForce ISS Database: rsync-write-files(16014)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16014
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.