Test Kennung:	1.3.6.1.4.1.25623.1.0.841711
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu Update for maas USN-2105-1
Zusammenfassung:	The remote host is missing an update for the 'maas'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'maas' package(s) announced via the referenced advisory. Vulnerability Insight: James Troup discovered that MAAS stored RabbitMQ authentication credentials in a world-readable file. A local authenticated user could read this password and potentially gain privileges of other user accounts. This update restricts the file permissions to prevent unintended access. (CVE-2013-1070) Chris Glass discovered that the MAAS API was vulnerable to cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. (CVE-2013-1069) Affected Software/OS: maas on Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1070 BugTraq ID: 65575 http://www.securityfocus.com/bid/65575 http://www.ubuntu.com/usn/USN-2105-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-1069
Copyright	Copyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.