Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2011-1241)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122096

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2011-1241)

Resumen: The remote host is missing an update for the 'ecryptfs-utils' package(s) announced via the ELSA-2011-1241 advisory.

Descripción: Summary:
The remote host is missing an update for the 'ecryptfs-utils' package(s) announced via the ELSA-2011-1241 advisory.

Vulnerability Insight:
[82-6.3]
- do not forget to set the group id in mount.ecryptfs_private

[82-6.2]
- fix regression in ecryptfs-setup-private

[82-6.1]
- security fixes:
- privilege escalation via mountpoint race conditions (CVE-2011-1831, CVE-2011-1832)
- race condition when checking source during mount (CVE-2011-1833)
- mtab corruption via improper handling (CVE-2011-1834)
- key poisoning via insecure temp directory handling (CVE-2011-1835)
- arbitrary file overwrite via lock counter race (CVE-2011-1837)

Affected Software/OS:
'ecryptfs-utils' package(s) on Oracle Linux 5, Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-1831
SuSE Security Announcement: SUSE-SU-2011:0898 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html
http://www.ubuntu.com/usn/USN-1188-1
Common Vulnerability Exposure (CVE) ID: CVE-2011-1832
Common Vulnerability Exposure (CVE) ID: CVE-2011-1834
Common Vulnerability Exposure (CVE) ID: CVE-2011-1835
Common Vulnerability Exposure (CVE) ID: CVE-2011-1837
Common Vulnerability Exposure (CVE) ID: CVE-2011-3145
http://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/558

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122096
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2011-1241)
Resumen:	The remote host is missing an update for the 'ecryptfs-utils' package(s) announced via the ELSA-2011-1241 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ecryptfs-utils' package(s) announced via the ELSA-2011-1241 advisory. Vulnerability Insight: [82-6.3] - do not forget to set the group id in mount.ecryptfs_private [82-6.2] - fix regression in ecryptfs-setup-private [82-6.1] - security fixes: - privilege escalation via mountpoint race conditions (CVE-2011-1831, CVE-2011-1832) - race condition when checking source during mount (CVE-2011-1833) - mtab corruption via improper handling (CVE-2011-1834) - key poisoning via insecure temp directory handling (CVE-2011-1835) - arbitrary file overwrite via lock counter race (CVE-2011-1837) Affected Software/OS: 'ecryptfs-utils' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1831 SuSE Security Announcement: SUSE-SU-2011:0898 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00009.html http://www.ubuntu.com/usn/USN-1188-1 Common Vulnerability Exposure (CVE) ID: CVE-2011-1832 Common Vulnerability Exposure (CVE) ID: CVE-2011-1834 Common Vulnerability Exposure (CVE) ID: CVE-2011-1835 Common Vulnerability Exposure (CVE) ID: CVE-2011-1837 Common Vulnerability Exposure (CVE) ID: CVE-2011-3145 http://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/558
Copyright	Copyright (C) 2015 Greenbone AG