SuSE Local Security Checks : SuSE Security Advisory SUSE-SA:2009:020 (udev)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.63845
Kategorie:	SuSE Local Security Checks
Titel:	SuSE Security Advisory SUSE-SA:2009:020 (udev)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory SUSE-SA:2009:020. Sebastian Krahmer of SUSE Security identified a problem in udevd with handling of netlink messages. Local attackers could inject netlink messages due to a missing origin check where only the kernel should have been able to and so are able to escalate privileges. (CVE-2009-1185) Fixed packages have been released to address this issue for openSUSE 10.3-11.1, SUSE Linux Enterprise 10 SP2 and SUSE Linux Enterprise 11. SUSE Linux Enterprise Server 9 and Novell Linux Desktop 9 are not affected by this problem. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:020 CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1185 BugTraq ID: 34536 http://www.securityfocus.com/bid/34536 Bugtraq: 20090417 rPSA-2009-0063-1 udev (Google Search) http://www.securityfocus.com/archive/1/502752/100/0/threaded Bugtraq: 20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl (Google Search) http://www.securityfocus.com/archive/1/504849/100/0/threaded Debian Security Information: DSA-1772 (Google Search) http://www.debian.org/security/2009/dsa-1772 https://www.exploit-db.com/exploits/8572 https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:103 http://www.mandriva.com/security/advisories?name=MDVSA-2009:104 http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063 https://launchpad.net/bugs/cve/2009-1185 http://lists.vmware.com/pipermail/security-announce/2009/000060.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10925 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5975 http://www.redhat.com/support/errata/RHSA-2009-0427.html http://www.securitytracker.com/id?1022067 http://secunia.com/advisories/34731 http://secunia.com/advisories/34750 http://secunia.com/advisories/34753 http://secunia.com/advisories/34771 http://secunia.com/advisories/34776 http://secunia.com/advisories/34785 http://secunia.com/advisories/34787 http://secunia.com/advisories/34801 http://secunia.com/advisories/35766 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399 SuSE Security Announcement: SUSE-SA:2009:020 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html SuSE Security Announcement: SUSE-SA:2009:025 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00012.html http://www.ubuntu.com/usn/usn-758-1 http://www.vupen.com/english/advisories/2009/1053 http://www.vupen.com/english/advisories/2009/1865 Common Vulnerability Exposure (CVE) ID: CVE-2009-1186 BugTraq ID: 34539 http://www.securityfocus.com/bid/34539 https://launchpad.net/bugs/cve/2009-1186 http://www.securitytracker.com/id?1022068
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com