Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.63647
Kategorie:Mandrake Local Security Checks
Titel:Mandrake Security Advisory MDVSA-2009:060-1 (nfs-utils)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to nfs-utils
announced via advisory MDVSA-2009:060-1.

A security vulnerability has been identified and fixed in nfs-utils,
which caused TCP Wrappers to ignore netgroups and allows remote
attackers to bypass intended access restrictions (CVE-2008-4552).

The updated packages have been patched to prevent this.

Update:

The Corporate Server 4 packages had the wrong release number (lower
than before) which prevented the update packages from being installed
automatically. This problem has now been solved with new packages
with the correct release number.

Affected: Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2009:060-1

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2008-4552
BugTraq ID: 31823
http://www.securityfocus.com/bid/31823
Bugtraq: 20081030 rPSA-2008-0307-1 nfs-client nfs-server nfs-utils (Google Search)
http://www.securityfocus.com/archive/1/497935/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2009:060
http://www.openwall.com/lists/oss-security/2012/07/19/2
http://www.openwall.com/lists/oss-security/2012/07/19/5
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11544
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8325
http://www.redhat.com/support/errata/RHSA-2009-1321.html
http://secunia.com/advisories/32346
http://secunia.com/advisories/32481
http://secunia.com/advisories/33006
http://secunia.com/advisories/36538
http://secunia.com/advisories/38794
http://secunia.com/advisories/38833
http://www.ubuntu.com/usn/USN-687-1
http://www.vupen.com/english/advisories/2010/0528
XForce ISS Database: nfsutils-hostctl-security-bypass(45895)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45895
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.