ID de Prueba:	1.3.6.1.4.1.25623.1.0.122561
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2008-0839)
Resumen:	The remote host is missing an update for the 'postfix' package(s) announced via the ELSA-2008-0839 advisory.
Descripción:	Summary: The remote host is missing an update for the 'postfix' package(s) announced via the ELSA-2008-0839 advisory. Vulnerability Insight: [2.3.3-2.1] - fixed postfix privilege problem with symlinks in the mail spool directory (CVE-2008-2936) Resolves: rhbz#456717 Affected Software/OS: 'postfix' package(s) on Oracle Linux 3, Oracle Linux 4, Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 6.2 CVSS Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2936 1020700 http://www.securitytracker.com/id?1020700 20080814 Postfix local privilege escalation via hardlinked symlinks http://www.securityfocus.com/archive/1/495474/100/0/threaded 20080821 rPSA-2008-0259-1 postfix http://www.securityfocus.com/archive/1/495632/100/0/threaded 20080831 PoCfix (PoC for Postfix local root vuln - CVE-2008-2936) http://www.securityfocus.com/archive/1/495882/100/0/threaded 30691 http://www.securityfocus.com/bid/30691 31469 http://secunia.com/advisories/31469 31474 http://secunia.com/advisories/31474 31477 http://secunia.com/advisories/31477 31485 http://secunia.com/advisories/31485 31500 http://secunia.com/advisories/31500 31530 http://secunia.com/advisories/31530 32231 http://secunia.com/advisories/32231 4160 http://securityreason.com/securityalert/4160 6337 https://www.exploit-db.com/exploits/6337 ADV-2008-2385 http://www.vupen.com/english/advisories/2008/2385 DSA-1629 http://www.debian.org/security/2008/dsa-1629 FEDORA-2008-8593 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00287.html FEDORA-2008-8595 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00271.html GLSA-200808-12 http://security.gentoo.org/glsa/glsa-200808-12.xml MDVSA-2008:171 http://www.mandriva.com/security/advisories?name=MDVSA-2008:171 RHSA-2008:0839 http://www.redhat.com/support/errata/RHSA-2008-0839.html SUSE-SA:2008:040 http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00002.html USN-636-1 https://usn.ubuntu.com/636-1/ VU#938323 http://www.kb.cert.org/vuls/id/938323 [postfix-announce] 20080814 Postfix local privilege escalation via hardlinked symlinks http://article.gmane.org/gmane.mail.postfix.announce/110 ftp://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-2.6-20080814.HISTORY ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.3.15.HISTORY ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.4.8.HISTORY ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-2.5.4.HISTORY http://wiki.rpath.com/Advisories:rPSA-2008-0259 https://issues.rpath.com/browse/RPL-2689 oval:org.mitre.oval:def:10033 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10033 postfix-symlink-code-execution(44460) https://exchange.xforce.ibmcloud.com/vulnerabilities/44460
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.