Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2012-0309)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.123966
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2012-0309)
Zusammenfassung:	The remote host is missing an update for the 'sudo' package(s) announced via the ELSA-2012-0309 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'sudo' package(s) announced via the ELSA-2012-0309 advisory. Vulnerability Insight: [1.7.2p1-13] - patch: parse ldap.conf more closely to nss_ldap Resolves: rhbz#750318 [1.7.2p1-12] - added patch for CVE-2011-0010 Resolves: rhbz#757157 [1.7.2p1-11] - backported selinux support from 1.7.4p5 (#477185, #673157) - fixed bug in Runas_Spec group matching (#627543) - disable 'sudo -l' output word wrapping if the output is piped (#697111) - fixed overwriting of errno after execve failure (#673157) - fixed segmentation fault (#673072) - add a sudoers entry to the nsswitch.conf file on install (and delete it on uninstall) (#617061) Resolves: rhbz#697111 Resolves: rhbz#673157 Resolves: rhbz#673072 Resolves: rhbz#627543 Resolves: rhbz#617061 Resolves: rhbz#477185 Affected Software/OS: 'sudo' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0010 42886 http://secunia.com/advisories/42886 42949 http://secunia.com/advisories/42949 42968 http://secunia.com/advisories/42968 43068 http://secunia.com/advisories/43068 43282 http://secunia.com/advisories/43282 45774 http://www.securityfocus.com/bid/45774 70400 http://www.osvdb.org/70400 ADV-2011-0089 http://www.vupen.com/english/advisories/2011/0089 ADV-2011-0182 http://www.vupen.com/english/advisories/2011/0182 ADV-2011-0195 http://www.vupen.com/english/advisories/2011/0195 ADV-2011-0199 http://www.vupen.com/english/advisories/2011/0199 ADV-2011-0212 http://www.vupen.com/english/advisories/2011/0212 ADV-2011-0362 http://www.vupen.com/english/advisories/2011/0362 FEDORA-2011-0455 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html FEDORA-2011-0470 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html GLSA-201203-06 http://security.gentoo.org/glsa/glsa-201203-06.xml MDVSA-2011:018 http://www.mandriva.com/security/advisories?name=MDVSA-2011:018 RHSA-2011:0599 http://www.redhat.com/support/errata/RHSA-2011-0599.html SSA:2011-041-05 http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593654 SUSE-SR:2011:002 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html USN-1046-1 http://www.ubuntu.com/usn/USN-1046-1 [oss-security] 20110111 CVE request: sudo does not ask for password on GID changes http://openwall.com/lists/oss-security/2011/01/11/3 [oss-security] 20110112 Re: CVE request: sudo does not ask for password on GID changes http://openwall.com/lists/oss-security/2011/01/12/1 http://openwall.com/lists/oss-security/2011/01/12/3 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609641 http://www.sudo.ws/repos/sudo/rev/07d1b0ce530e http://www.sudo.ws/repos/sudo/rev/fe8a94f96542 http://www.sudo.ws/sudo/alerts/runas_group_pw.html https://bugzilla.redhat.com/show_bug.cgi?id=668879 sudo-groupid-privilege-escalation(64636) https://exchange.xforce.ibmcloud.com/vulnerabilities/64636
Copyright	Copyright (C) 2015 Greenbone AG