Test Kennung:	1.3.6.1.4.1.25623.1.0.54698
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200410-07 (ed)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory GLSA 200410-07. The ed utility is vulnerable to symlink attacks, potentially allowing a local user to overwrite or change rights on arbitrary files with the rights of the user running ed, which could be the root user. Solution: All ed users should upgrade to the latest version: # emerge sync # emerge -pv '>=sys-apps/ed-0.2-r4' # emerge '>=sys-apps/ed-0.2-r4' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200410-07 http://bugs.gentoo.org/show_bug.cgi?id=66400 CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 2095 Common Vulnerability Exposure (CVE) ID: CVE-2000-1137 Bugtraq: 20001211 Immunix OS Security update for ed (Google Search) Conectiva Linux advisory: CLA-2000:359-2 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000359 Debian Security Information: 20001129 DSA-001-1 ed: symlink attack (Google Search) http://www.debian.org/security/2000/20001129 http://www.linux-mandrake.com/en/security/MDKSA-2000-076.php3 http://www.osvdb.org/6491 http://www.redhat.com/support/errata/RHSA-2000-123.html XForce ISS Database: gnu-ed-symlink(5723) https://exchange.xforce.ibmcloud.com/vulnerabilities/5723
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.