Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2009-1339)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122450

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2009-1339)

Resumen: The remote host is missing an update for the 'rgmanager' package(s) announced via the ELSA-2009-1339 advisory.

Descripción: Summary:
The remote host is missing an update for the 'rgmanager' package(s) announced via the ELSA-2009-1339 advisory.

Vulnerability Insight:
[2.0.52-1.0.1]
- Update summary and description to be vendor neutral

[2.0.52-1]
- When vm.sh does a status check and gets 'no state' it is now treated as a
running state.
- Resolves: rhb#514044

[2.0.51-1]
- In some cases virtual machines will be restarted after a successful migration
when the cluster configuration is updated.
- Resolves: rhbz#505340

[2.0.50-1]
- Extra checks from the oracle agents have been removed.
- Several fixes to prevent DOS attacks through insecure use of /tmp/ files have
been implemented.
- vm.sh now uses libvirt
- Users can now define an explicit service processing order when
central_processing is enabled
- Resolves: rhbz#470917 rhbz#412911 rhbz#468691 rhbz#492828

[2.0.49-1]
- Rgmanger now checks to see if it has been killed by the OOM killer and if
so, reboots the node.
- Resolves: rhbz#488072

[2.0.48-1]
- clulog now accepts '-' as the first character in messages.
- If expire_time is 0 max_restarts is no longer ignored.
- SAP scripts have been updated.
- Empty PID files no longer cause resource start failures.
- Recovery policy of type restart now works properly when using a resource
based on ra-skelet.sh
- startup_wait option has been added to the mysql resource agent.
- samba.sh now kills the pid listed in the proper pid file.
- Handling of '-F' has been improved to fix issues with rgmanager crashing if
no members of a restricted failover domain are online and rgmanager failing
to correctly restart service is they fail on the first node.
- Enabled ability to prioritize services.
- It is now possible to cap the number of simultaneious status checks to
prevent load spikes.
- Enabling a frozen service no longer fails and leaves the service in a failed
state.
- Forking and cloning during status checks has been optimized to reduce load
spikes.
- rg_test no longer hangs when running against a cluster due to the removal
of an 8MB memory cap.
- Resolves: rhbz#471431 rhbz#475826 rhbz#474444 rhbz#449394 rhbz#481058 rhbz#483093 rhbz#486711 rhbz#486717 rhbz#482858 rhbz#487598 rhbz#488714 rhbz#250718 rhbz#490455

Affected Software/OS:
'rgmanager' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-6552
BugTraq ID: 32179
http://www.securityfocus.com/bid/32179
http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html
http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html
http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html
http://osvdb.org/50299
http://osvdb.org/50300
http://osvdb.org/50301
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11404
RedHat Security Advisories: RHSA-2009:1337
http://rhn.redhat.com/errata/RHSA-2009-1337.html
http://www.redhat.com/support/errata/RHSA-2009-1339.html
http://www.redhat.com/support/errata/RHSA-2009-1341.html
http://www.redhat.com/support/errata/RHSA-2011-0264.html
http://www.redhat.com/support/errata/RHSA-2011-0265.html
http://secunia.com/advisories/32602
http://secunia.com/advisories/32616
http://secunia.com/advisories/36530
http://secunia.com/advisories/36555
http://secunia.com/advisories/43367
http://secunia.com/advisories/43372
http://www.ubuntu.com/usn/USN-875-1
http://www.vupen.com/english/advisories/2011/0416
http://www.vupen.com/english/advisories/2011/0417
XForce ISS Database: clusterproject-unspecified-priv-escalation(46412)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46412

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122450
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2009-1339)
Resumen:	The remote host is missing an update for the 'rgmanager' package(s) announced via the ELSA-2009-1339 advisory.
Descripción:	Summary: The remote host is missing an update for the 'rgmanager' package(s) announced via the ELSA-2009-1339 advisory. Vulnerability Insight: [2.0.52-1.0.1] - Update summary and description to be vendor neutral [2.0.52-1] - When vm.sh does a status check and gets 'no state' it is now treated as a running state. - Resolves: rhb#514044 [2.0.51-1] - In some cases virtual machines will be restarted after a successful migration when the cluster configuration is updated. - Resolves: rhbz#505340 [2.0.50-1] - Extra checks from the oracle agents have been removed. - Several fixes to prevent DOS attacks through insecure use of /tmp/ files have been implemented. - vm.sh now uses libvirt - Users can now define an explicit service processing order when central_processing is enabled - Resolves: rhbz#470917 rhbz#412911 rhbz#468691 rhbz#492828 [2.0.49-1] - Rgmanger now checks to see if it has been killed by the OOM killer and if so, reboots the node. - Resolves: rhbz#488072 [2.0.48-1] - clulog now accepts '-' as the first character in messages. - If expire_time is 0 max_restarts is no longer ignored. - SAP scripts have been updated. - Empty PID files no longer cause resource start failures. - Recovery policy of type restart now works properly when using a resource based on ra-skelet.sh - startup_wait option has been added to the mysql resource agent. - samba.sh now kills the pid listed in the proper pid file. - Handling of '-F' has been improved to fix issues with rgmanager crashing if no members of a restricted failover domain are online and rgmanager failing to correctly restart service is they fail on the first node. - Enabled ability to prioritize services. - It is now possible to cap the number of simultaneious status checks to prevent load spikes. - Enabling a frozen service no longer fails and leaves the service in a failed state. - Forking and cloning during status checks has been optimized to reduce load spikes. - rg_test no longer hangs when running against a cluster due to the removal of an 8MB memory cap. - Resolves: rhbz#471431 rhbz#475826 rhbz#474444 rhbz#449394 rhbz#481058 rhbz#483093 rhbz#486711 rhbz#486717 rhbz#482858 rhbz#487598 rhbz#488714 rhbz#250718 rhbz#490455 Affected Software/OS: 'rgmanager' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-6552 BugTraq ID: 32179 http://www.securityfocus.com/bid/32179 http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html http://osvdb.org/50299 http://osvdb.org/50300 http://osvdb.org/50301 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11404 RedHat Security Advisories: RHSA-2009:1337 http://rhn.redhat.com/errata/RHSA-2009-1337.html http://www.redhat.com/support/errata/RHSA-2009-1339.html http://www.redhat.com/support/errata/RHSA-2009-1341.html http://www.redhat.com/support/errata/RHSA-2011-0264.html http://www.redhat.com/support/errata/RHSA-2011-0265.html http://secunia.com/advisories/32602 http://secunia.com/advisories/32616 http://secunia.com/advisories/36530 http://secunia.com/advisories/36555 http://secunia.com/advisories/43367 http://secunia.com/advisories/43372 http://www.ubuntu.com/usn/USN-875-1 http://www.vupen.com/english/advisories/2011/0416 http://www.vupen.com/english/advisories/2011/0417 XForce ISS Database: clusterproject-unspecified-priv-escalation(46412) https://exchange.xforce.ibmcloud.com/vulnerabilities/46412
Copyright	Copyright (C) 2015 Greenbone AG