Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.63648 |
Kategorie: | Mandrake Local Security Checks |
Titel: | Mandrake Security Advisory MDVSA-2009:077 (pam) |
Zusammenfassung: | NOSUMMARY |
Beschreibung: | Description: The remote host is missing an update to pam announced via advisory MDVSA-2009:077. A security vulnerability has been identified and fixed in pam: Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with a different user's non-ASCII username, via a login attempt (CVE-2009-0887). The updated packages have been patched to prevent this. Additionally some development packages were missing that are required to build pam for CS4, these are also provided with this update. Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2009:077 CVSS Score: 6.6 CVSS Vector: AV:L/AC:M/Au:S/C:C/I:C/A:C |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-0887 BugTraq ID: 34010 http://www.securityfocus.com/bid/34010 https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:077 http://openwall.com/lists/oss-security/2009/03/05/1 http://secunia.com/advisories/34733 XForce ISS Database: linuxpam-pamstrtok-priv-escalation(49110) https://exchange.xforce.ibmcloud.com/vulnerabilities/49110 |
Copyright | Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |