Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2012-0958)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123890

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2012-0958)

Resumen: The remote host is missing an update for the 'sos' package(s) announced via the ELSA-2012-0958 advisory.

Descripción: Summary:
The remote host is missing an update for the 'sos' package(s) announced via the ELSA-2012-0958 advisory.

Vulnerability Insight:
[2.2-29.0.1.el6]
- Direct traceroute to linux.oracle.com (John Haxby) [orabug 11713272]
- Disable --upload option as it will not work with Oracle support
- Check oraclelinux-release instead of redhat-release to get OS version (John Haxby) [bug 11681869]
- Remove RH ftp URL and support email
- add sos-oracle-enterprise.patch

[2.2-29.el6]
- Collect the swift configuration directory in gluster module
Resolves: bz822442
- Update IPA module and related plug-ins
Resolves: bz812395

[2.2-28.el6]
- Collect mcelog files in the hardware module
Resolves: bz810702

[2.2-27.el6]
- Add nfs statedump collection to gluster module
Resolves: bz752549

[2.2-26.el6]
- Use wildcard to match possible libvirt log paths
Resolves: bz814474

[2.2-25.el6]
- Add forbidden paths for new location of gluster private keys
Resolves: bz752549

[2.2-24.el6]
- Fix katello and aeolus command string syntax
Resolves: bz752666
- Remove stray hunk from gluster module patch
Resolves: bz784061

[2.2-22.el6]
- Correct aeolus debug invocation in CloudForms module
Resolves: bz752666
- Update gluster module for gluster-3.3
Resolves: bz784061
- Add additional command output to gluster module
Resolves: bz768641
- Add support for collecting gluster configuration and logs
Resolves: bz752549

[2.2-19.el6]
- Collect additional diagnostic information for realtime systems
Resolves: bz789096
- Improve sanitization of RHN user and case number in report name
Resolves: bz771393
- Fix verbose output and debug logging
Resolves: bz782339
- Add basic support for CloudForms data collection
Resolves: bz752666
- Add support for Subscription Asset Manager diagnostics
Resolves: bz752670

[2.2-18.el6]
- Collect fence_virt.conf in cluster module
Resolves: bz760995
- Fix collection of /proc/net directory tree
Resolves: bz730641
- Gather output of cpufreq-info when present
Resolves: bz760424
- Fix brctl showstp output when bridges contain multiple interfaces
Resolves: bz751273
- Add /etc/modprobe.d to kernel module
Resolves: bz749919
- Ensure relative symlink targets are correctly handled when copying
Resolves: bz782589
- Fix satellite and proxy package detection in rhn plugin
Resolves: bz749262
- Collect stderr output from external commands
Resolves: bz739080
- Collect /proc/cgroups in the cgroups module
Resolve: bz784874
- Collect /proc/irq in the kernel module
Resolves: bz784862
- Fix installed-rpms formatting for long package names
Resolves: bz767827
- Add symbolic links for truncated log files
Resolves: bz766583
- Collect non-standard syslog and rsyslog log files
Resolves: bz771501
- Use correct paths for tomcat6 in RHN module
Resolves: bz749279
- Obscure root password if present in anacond-ks.cfg
Resolves: bz790402
- Do not accept embedded forward slashes in RHN usernames
Resolves: bz771393
- Add new sunrpc module to collect rpcinfo for gluster systems
Resolves: bz784061

Affected Software/OS:
'sos' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-2664
54116
http://www.securityfocus.com/bid/54116
RHSA-2012:0958
http://rhn.redhat.com/errata/RHSA-2012-0958.html
RHSA-2013:1121
http://rhn.redhat.com/errata/RHSA-2013-1121.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
sos-anaconda-info-disclosure(76468)
https://exchange.xforce.ibmcloud.com/vulnerabilities/76468

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123890
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2012-0958)
Resumen:	The remote host is missing an update for the 'sos' package(s) announced via the ELSA-2012-0958 advisory.
Descripción:	Summary: The remote host is missing an update for the 'sos' package(s) announced via the ELSA-2012-0958 advisory. Vulnerability Insight: [2.2-29.0.1.el6] - Direct traceroute to linux.oracle.com (John Haxby) [orabug 11713272] - Disable --upload option as it will not work with Oracle support - Check oraclelinux-release instead of redhat-release to get OS version (John Haxby) [bug 11681869] - Remove RH ftp URL and support email - add sos-oracle-enterprise.patch [2.2-29.el6] - Collect the swift configuration directory in gluster module Resolves: bz822442 - Update IPA module and related plug-ins Resolves: bz812395 [2.2-28.el6] - Collect mcelog files in the hardware module Resolves: bz810702 [2.2-27.el6] - Add nfs statedump collection to gluster module Resolves: bz752549 [2.2-26.el6] - Use wildcard to match possible libvirt log paths Resolves: bz814474 [2.2-25.el6] - Add forbidden paths for new location of gluster private keys Resolves: bz752549 [2.2-24.el6] - Fix katello and aeolus command string syntax Resolves: bz752666 - Remove stray hunk from gluster module patch Resolves: bz784061 [2.2-22.el6] - Correct aeolus debug invocation in CloudForms module Resolves: bz752666 - Update gluster module for gluster-3.3 Resolves: bz784061 - Add additional command output to gluster module Resolves: bz768641 - Add support for collecting gluster configuration and logs Resolves: bz752549 [2.2-19.el6] - Collect additional diagnostic information for realtime systems Resolves: bz789096 - Improve sanitization of RHN user and case number in report name Resolves: bz771393 - Fix verbose output and debug logging Resolves: bz782339 - Add basic support for CloudForms data collection Resolves: bz752666 - Add support for Subscription Asset Manager diagnostics Resolves: bz752670 [2.2-18.el6] - Collect fence_virt.conf in cluster module Resolves: bz760995 - Fix collection of /proc/net directory tree Resolves: bz730641 - Gather output of cpufreq-info when present Resolves: bz760424 - Fix brctl showstp output when bridges contain multiple interfaces Resolves: bz751273 - Add /etc/modprobe.d to kernel module Resolves: bz749919 - Ensure relative symlink targets are correctly handled when copying Resolves: bz782589 - Fix satellite and proxy package detection in rhn plugin Resolves: bz749262 - Collect stderr output from external commands Resolves: bz739080 - Collect /proc/cgroups in the cgroups module Resolve: bz784874 - Collect /proc/irq in the kernel module Resolves: bz784862 - Fix installed-rpms formatting for long package names Resolves: bz767827 - Add symbolic links for truncated log files Resolves: bz766583 - Collect non-standard syslog and rsyslog log files Resolves: bz771501 - Use correct paths for tomcat6 in RHN module Resolves: bz749279 - Obscure root password if present in anacond-ks.cfg Resolves: bz790402 - Do not accept embedded forward slashes in RHN usernames Resolves: bz771393 - Add new sunrpc module to collect rpcinfo for gluster systems Resolves: bz784061 Affected Software/OS: 'sos' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2664 54116 http://www.securityfocus.com/bid/54116 RHSA-2012:0958 http://rhn.redhat.com/errata/RHSA-2012-0958.html RHSA-2013:1121 http://rhn.redhat.com/errata/RHSA-2013-1121.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html sos-anaconda-info-disclosure(76468) https://exchange.xforce.ibmcloud.com/vulnerabilities/76468
Copyright	Copyright (C) 2015 Greenbone AG