Test Kennung:	1.3.6.1.4.1.25623.1.0.120578
Kategorie:	Amazon Linux Local Security Checks
Titel:	Amazon Linux: Security Advisory (ALAS-2014-371)
Zusammenfassung:	The remote host is missing an update for the 'python-jinja2' package(s) announced via the ALAS-2014-371 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'python-jinja2' package(s) announced via the ALAS-2014-371 advisory. Vulnerability Insight: The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp. Affected Software/OS: 'python-jinja2' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1402 http://www.gentoo.org/security/en/glsa/glsa-201408-13.xml http://www.mandriva.com/security/advisories?name=MDVSA-2014:096 https://oss.oracle.com/pipermail/el-errata/2014-June/004192.html http://openwall.com/lists/oss-security/2014/01/10/2 http://openwall.com/lists/oss-security/2014/01/10/3 RedHat Security Advisories: RHSA-2014:0747 http://rhn.redhat.com/errata/RHSA-2014-0747.html RedHat Security Advisories: RHSA-2014:0748 http://rhn.redhat.com/errata/RHSA-2014-0748.html http://secunia.com/advisories/56287 http://secunia.com/advisories/58783 http://secunia.com/advisories/58918 http://secunia.com/advisories/59017 http://secunia.com/advisories/60738 http://secunia.com/advisories/60770
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.