ID de Prueba:	1.3.6.1.4.1.25623.1.0.122230
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2011-0320)
Resumen:	The remote host is missing an update for the 'libcgroup' package(s) announced via the ELSA-2011-0320 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libcgroup' package(s) announced via the ELSA-2011-0320 advisory. Vulnerability Insight: [0.36-6.1] - Fixed buffer overflow when parsing cgexec command line parameters. - Added checking of source of netlink messages to cgrulesengd daemon. - Resolves: CVE-2011-1006 CVE-2011-1022 Affected Software/OS: 'libcgroup' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1006 1025158 http://www.securitytracker.com/id?1025158 43611 http://secunia.com/advisories/43611 43758 http://secunia.com/advisories/43758 43891 http://secunia.com/advisories/43891 44093 http://secunia.com/advisories/44093 46729 http://www.securityfocus.com/bid/46729 ADV-2011-0679 http://www.vupen.com/english/advisories/2011/0679 ADV-2011-0774 http://www.vupen.com/english/advisories/2011/0774 DSA-2193 http://www.debian.org/security/2011/dsa-2193 FEDORA-2011-2631 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056683.html FEDORA-2011-2638 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056734.html RHSA-2011:0320 http://www.redhat.com/support/errata/RHSA-2011-0320.html http://libcg.git.sourceforge.net/git/gitweb.cgi?p=libcg/libcg%3Ba=commit%3Bh=5ae8aea1ecd60c439121d3329d8eaabf13d292c1 http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download https://bugzilla.redhat.com/show_bug.cgi?id=678107 openSUSE-SU-2011:0316 http://lists.opensuse.org/opensuse-updates/2011-04/msg00027.html Common Vulnerability Exposure (CVE) ID: CVE-2011-1022 1025157 http://www.securitytracker.com/id?1025157 46578 http://www.securityfocus.com/bid/46578 [libcg-devel] 20101115 Fwd: libcgroup netlink http://sourceforge.net/mailarchive/message.php?msg_id=26598749 [libcg-devel] 20110218 [PATCH 2/2] cgrulesengd: Ignore netlink messages that don't come from the kernel. http://sourceforge.net/mailarchive/message.php?msg_id=27102603 [oss-security] 20110224 CVE request: libcgroup: Failure to verify netlink messages http://openwall.com/lists/oss-security/2011/02/25/6 [oss-security] 20110225 Re: CVE request: libcgroup: Failure to verify netlink messages http://openwall.com/lists/oss-security/2011/02/25/11 http://openwall.com/lists/oss-security/2011/02/25/12 http://openwall.com/lists/oss-security/2011/02/25/14 http://openwall.com/lists/oss-security/2011/02/25/9 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615987 https://bugzilla.redhat.com/show_bug.cgi?id=680409
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.