Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2008-0907)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122551

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2008-0907)

Resumen: The remote host is missing an update for the 'pam_krb5' package(s) announced via the ELSA-2008-0907 advisory.

Descripción: Summary:
The remote host is missing an update for the 'pam_krb5' package(s) announced via the ELSA-2008-0907 advisory.

Vulnerability Insight:
[2.2.14-1.el5_2.1]
- add backported fix for ccache permissions bypass when the existing_ticket
option is used (CVE-2008-3825, #462112)

Affected Software/OS:
'pam_krb5' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
4.4

CVSS Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-3825
1020978
http://www.securitytracker.com/id?1020978
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
http://www.securityfocus.com/archive/1/516397/100/0/threaded
31534
http://www.securityfocus.com/bid/31534
32119
http://secunia.com/advisories/32119
32135
http://secunia.com/advisories/32135
32174
http://secunia.com/advisories/32174
43314
http://secunia.com/advisories/43314
FEDORA-2008-8605
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00150.html
FEDORA-2008-8618
https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00166.html
MDVSA-2008:209
http://www.mandriva.com/security/advisories?name=MDVSA-2008:209
RHSA-2008:0907
http://www.redhat.com/support/errata/RHSA-2008-0907.html
SUSE-SR:2008:027
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
https://bugzilla.redhat.com/show_bug.cgi?id=461960
oval:org.mitre.oval:def:10923
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10923
pamkrb5-existingticket-privilege-escalation(45635)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45635

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122551
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2008-0907)
Resumen:	The remote host is missing an update for the 'pam_krb5' package(s) announced via the ELSA-2008-0907 advisory.
Descripción:	Summary: The remote host is missing an update for the 'pam_krb5' package(s) announced via the ELSA-2008-0907 advisory. Vulnerability Insight: [2.2.14-1.el5_2.1] - add backported fix for ccache permissions bypass when the existing_ticket option is used (CVE-2008-3825, #462112) Affected Software/OS: 'pam_krb5' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3825 1020978 http://www.securitytracker.com/id?1020978 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX http://www.securityfocus.com/archive/1/516397/100/0/threaded 31534 http://www.securityfocus.com/bid/31534 32119 http://secunia.com/advisories/32119 32135 http://secunia.com/advisories/32135 32174 http://secunia.com/advisories/32174 43314 http://secunia.com/advisories/43314 FEDORA-2008-8605 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00150.html FEDORA-2008-8618 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00166.html MDVSA-2008:209 http://www.mandriva.com/security/advisories?name=MDVSA-2008:209 RHSA-2008:0907 http://www.redhat.com/support/errata/RHSA-2008-0907.html SUSE-SR:2008:027 http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html http://www.vmware.com/security/advisories/VMSA-2011-0003.html https://bugzilla.redhat.com/show_bug.cgi?id=461960 oval:org.mitre.oval:def:10923 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10923 pamkrb5-existingticket-privilege-escalation(45635) https://exchange.xforce.ibmcloud.com/vulnerabilities/45635
Copyright	Copyright (C) 2015 Greenbone AG