ID de Prueba:	1.3.6.1.4.1.25623.1.0.122256
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2010-0891)
Resumen:	The remote host is missing an update for the 'pam' package(s) announced via the ELSA-2010-0891 advisory.
Descripción:	Summary: The remote host is missing an update for the 'pam' package(s) announced via the ELSA-2010-0891 advisory. Vulnerability Insight: [1.1.1-4.1] - fix insecure dropping of privileges in pam_xauth, pam_env, and pam_mail - CVE-2010-3316 (#637898), CVE-2010-3435 (#641335) - fix insecure executing of scripts with user supplied environment variables in pam_namespace - CVE-2010-3853 (#643043) Affected Software/OS: 'pam' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3316 20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. http://www.securityfocus.com/archive/1/516909/100/0/threaded 49711 http://secunia.com/advisories/49711 ADV-2011-0606 http://www.vupen.com/english/advisories/2011/0606 GLSA-201206-31 http://security.gentoo.org/glsa/glsa-201206-31.xml MDVSA-2010:220 http://www.mandriva.com/security/advisories?name=MDVSA-2010:220 RHSA-2010:0819 http://www.redhat.com/support/errata/RHSA-2010-0819.html RHSA-2010:0891 http://www.redhat.com/support/errata/RHSA-2010-0891.html [oss-security] 20100816 Minor security flaw with pam_xauth http://openwall.com/lists/oss-security/2010/08/16/2 [oss-security] 20100921 Re: Minor security flaw with pam_xauth http://openwall.com/lists/oss-security/2010/09/21/3 http://openwall.com/lists/oss-security/2010/09/21/8 [oss-security] 20100924 Re: Minor security flaw with pam_xauth http://www.openwall.com/lists/oss-security/2010/09/24/2 [oss-security] 20100927 Re: Minor security flaw with pam_xauth http://openwall.com/lists/oss-security/2010/09/27/4 http://openwall.com/lists/oss-security/2010/09/27/5 [oss-security] 20100928 Re: Minor security flaw with pam_xauth http://openwall.com/lists/oss-security/2010/09/27/10 http://openwall.com/lists/oss-security/2010/09/27/7 [oss-security] 20101025 Re: Minor security flaw with pam_xauth http://openwall.com/lists/oss-security/2010/10/25/2 [security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm http://lists.vmware.com/pipermail/security-announce/2011/000126.html http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6 http://www.vmware.com/security/advisories/VMSA-2011-0004.html https://bugzilla.redhat.com/show_bug.cgi?id=637898 https://sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663 Common Vulnerability Exposure (CVE) ID: CVE-2010-3435 http://openwall.com/lists/oss-security/2010/09/27/8 https://bugzilla.redhat.com/show_bug.cgi?id=641335 Common Vulnerability Exposure (CVE) ID: CVE-2010-3853 http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_namespace/pam_namespace.c?view=log#rev1.13 https://bugzilla.redhat.com/show_bug.cgi?id=643043 Common Vulnerability Exposure (CVE) ID: CVE-2010-4707 BugTraq ID: 46045 http://www.securityfocus.com/bid/46045 http://openwall.com/lists/oss-security/2010/10/03/1 XForce ISS Database: linuxpam-checkacl-dos(65036) https://exchange.xforce.ibmcloud.com/vulnerabilities/65036 Common Vulnerability Exposure (CVE) ID: CVE-2010-4708 BugTraq ID: 46046 http://www.securityfocus.com/bid/46046 XForce ISS Database: linuxpam-pamenv-priv-escalation(65037) https://exchange.xforce.ibmcloud.com/vulnerabilities/65037
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.