Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2012-0304)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.123970

Kategorie: Oracle Linux Local Security Checks

Titel: Oracle: Security Advisory (ELSA-2012-0304)

Zusammenfassung: The remote host is missing an update for the 'vixie-cron' package(s) announced via the ELSA-2012-0304 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'vixie-cron' package(s) announced via the ELSA-2012-0304 advisory.

Vulnerability Insight:
[4:4.1-81]
- 455664 adoptions of crontab orphans, forgot add buffer for list of
orphans
- Related: rhbz#455664

[4:4.1-80]
- 654961 crond process ignores the changes of user's home directory needs
bigger changes of code. The fix wasn't applied, detail in comment#11.
- Related: rhbz#249512

[4:4.1-79]
- CVE-2010-0424 vixie-cron, cronie: Race condition by setting timestamp
of user's crontab file, when editing the file
- Resolves: rhbz#741534

[4:4.1-78]
- 625016 - crond requires a restart if mcstransd is stopped
- Resolves: rhbz#625016

[4:4.1-78]
- 460070 entries in cronjobs in /etc/cron.d are checked for valid syntax
- Resolves: rhbz#460070

[4:4.1-78]
- 455664 adoptions of crontab orphans
- 249512 crontab should verify a user's access to PAM cron service
- Resolves: rhbz#455664, rhbz#249512

[4:4.1-78]
- 699621 and 699620 man page fix
- 529632 service crond status return correct status
- 480930 set correct pie options in CFLAGS and LDFLAGS
- 476972 crontab error with @reboot entry
- Resolves: rhbz#699621, rhbz#699620, rhbz#529632, rhbz#480930, rhbz#476972

Affected Software/OS:
'vixie-cron' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
3.3

CVSS Vector:
AV:L/AC:M/Au:N/C:N/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2010-0424
38391
http://www.securityfocus.com/bid/38391
38700
http://secunia.com/advisories/38700
38741
http://secunia.com/advisories/38741
48104
http://secunia.com/advisories/48104
FEDORA-2010-2751
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035762.html
http://git.fedorahosted.org/git/cronie.git?p=cronie.git%3Ba=commit%3Bh=9e4a8fa5f9171fb724981f53879c9b20264aeb61
https://bugzilla.redhat.com/show_bug.cgi?id=565809

Copyright Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.123970
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2012-0304)
Zusammenfassung:	The remote host is missing an update for the 'vixie-cron' package(s) announced via the ELSA-2012-0304 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'vixie-cron' package(s) announced via the ELSA-2012-0304 advisory. Vulnerability Insight: [4:4.1-81] - 455664 adoptions of crontab orphans, forgot add buffer for list of orphans - Related: rhbz#455664 [4:4.1-80] - 654961 crond process ignores the changes of user's home directory needs bigger changes of code. The fix wasn't applied, detail in comment#11. - Related: rhbz#249512 [4:4.1-79] - CVE-2010-0424 vixie-cron, cronie: Race condition by setting timestamp of user's crontab file, when editing the file - Resolves: rhbz#741534 [4:4.1-78] - 625016 - crond requires a restart if mcstransd is stopped - Resolves: rhbz#625016 [4:4.1-78] - 460070 entries in cronjobs in /etc/cron.d are checked for valid syntax - Resolves: rhbz#460070 [4:4.1-78] - 455664 adoptions of crontab orphans - 249512 crontab should verify a user's access to PAM cron service - Resolves: rhbz#455664, rhbz#249512 [4:4.1-78] - 699621 and 699620 man page fix - 529632 service crond status return correct status - 480930 set correct pie options in CFLAGS and LDFLAGS - 476972 crontab error with @reboot entry - Resolves: rhbz#699621, rhbz#699620, rhbz#529632, rhbz#480930, rhbz#476972 Affected Software/OS: 'vixie-cron' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 3.3 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0424 38391 http://www.securityfocus.com/bid/38391 38700 http://secunia.com/advisories/38700 38741 http://secunia.com/advisories/38741 48104 http://secunia.com/advisories/48104 FEDORA-2010-2751 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035762.html http://git.fedorahosted.org/git/cronie.git?p=cronie.git%3Ba=commit%3Bh=9e4a8fa5f9171fb724981f53879c9b20264aeb61 https://bugzilla.redhat.com/show_bug.cgi?id=565809
Copyright	Copyright (C) 2015 Greenbone AG