Test Kennung:	1.3.6.1.4.1.25623.1.0.123520
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2013-1701)
Zusammenfassung:	The remote host is missing an update for the 'sudo' package(s) announced via the ELSA-2013-1701 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'sudo' package(s) announced via the ELSA-2013-1701 advisory. Vulnerability Insight: [1.8.6p3-12] - added patches for CVE-2013-1775 CVE-2013-2777 CVE-2013-2776 Resolves: rhbz#1015355 [1.8.6p3-11] - sssd: fixed a bug in ipa_hostname processing Resolves: rhbz#853542 [1.8.6p3-10] - sssd: fixed buffer size for the ipa_hostname value Resolves: rhbz#853542 [1.8.6p3-9] - sssd: match against ipa_hostname from sssd.conf too when checking sudoHost Resolves: rhbz#853542 [1.8.6p3-8] - updated man-page - fixed handling of RLIMIT_NPROC resource limit - fixed alias cycle detection code - added debug messages for tracing of netgroup matching - fixed aborting on realloc when displaying allowed commands - show the SUDO_USER in logs, if running commands as root - sssd: filter netgroups in the sudoUser attribute Resolves: rhbz#856901 Resolves: rhbz#947276 Resolves: rhbz#886648 Resolves: rhbz#994563 Resolves: rhbz#848111 Resolves: rhbz#994626 Resolves: rhbz#973228 Resolves: rhbz#880150 Affected Software/OS: 'sudo' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1775 http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 58203 http://www.securityfocus.com/bid/58203 Debian Security Information: DSA-2642 (Google Search) http://www.debian.org/security/2013/dsa-2642 http://www.openwall.com/lists/oss-security/2013/02/27/22 http://osvdb.org/90677 RedHat Security Advisories: RHSA-2013:1353 http://rhn.redhat.com/errata/RHSA-2013-1353.html RedHat Security Advisories: RHSA-2013:1701 http://rhn.redhat.com/errata/RHSA-2013-1701.html http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.517440 SuSE Security Announcement: openSUSE-SU-2013:0495 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-03/msg00066.html http://www.ubuntu.com/usn/USN-1754-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-2776 BugTraq ID: 58207 http://www.securityfocus.com/bid/58207 BugTraq ID: 62741 http://www.securityfocus.com/bid/62741 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701839 https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/87023 https://bugzilla.redhat.com/show_bug.cgi?id=916365 http://www.openwall.com/lists/oss-security/2013/02/27/31 XForce ISS Database: sudo-ttytickets-sec-bypass(82453) https://exchange.xforce.ibmcloud.com/vulnerabilities/82453 Common Vulnerability Exposure (CVE) ID: CVE-2013-2777
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.