Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2012-0310)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123963

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2012-0310)

Resumen: The remote host is missing an update for the 'nfs-utils' package(s) announced via the ELSA-2012-0310 advisory.

Descripción: Summary:
The remote host is missing an update for the 'nfs-utils' package(s) announced via the ELSA-2012-0310 advisory.

Vulnerability Insight:
[1.0.9-60.0.1.el5]
- Add support for resvport for unmonting [orabug 13567018]

[1.0.9-60]
- Updated idmapd.conf and idmapd.conf.man to reflect the
static user name mapping (502707)
- Fixed an umount regression introduced by bz 513094 (bz 781931)

[1.0.9-59]
- gss: turned of even more excessive syslogs (bz 593097)
- mount.nfs: Ignored the SIGXFSZ when handling RLIMIT_FSIZE changes (bz 697979)

[1.0.9-58]
- gss: turned off more excessive syslogs (bz 593097)
- initfiles: more initscripts improvements (bz 710020)
- specfile: correct typo when nfsnobodys gid already exists (bz 729603)

[1.0.9-57]
- Mount fails to anticipate RLIMIT_FSIZE (bz 697979,CVE-2011-1749)

[1.0.9-56]
- Removed sim crash support (bz 600497)
- initfiles: more initscripts improvements (bz 710020)
- mount: Don't wait for TCP to timeout twice (bz 736677)

[1.0.9-55]
- mount: fixed the -o retry option to retry the given amount (bz 736677)
- manpage: removed the -o fsc option (bz 715523)
- nfsstat: show v4 mounts with -m flag (bz 712438)
- mount: allow insecure ports with mounts (bz 513094)
- gss: turned off excessive syslogs (bz 593097)
- mountd: allow v2 and v3 to be disabled (bz 529588)
- specfile: make sure nfsnobodys gid changes when it exists (bz 729603)
- initfiles: initscripts improvements (bz 710020)

Affected Software/OS:
'nfs-utils' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
3.3

CVSS Vector:
AV:L/AC:M/Au:N/C:N/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-1749
RHSA-2011:1534
http://rhn.redhat.com/errata/RHSA-2011-1534.html
RHSA-2012:0310
http://rhn.redhat.com/errata/RHSA-2012-0310.html
[oss-security] 20140425 Re: CVE request: CVE-2011-1089-like flaw in mount.nfs
http://www.openwall.com/lists/oss-security/2011/04/25/5
http://sourceforge.net/projects/nfs/files/nfs-utils/1.2.4/Changelog-nfs-utils-1.2.4/download
https://bugzilla.redhat.com/show_bug.cgi?id=697975

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123963
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2012-0310)
Resumen:	The remote host is missing an update for the 'nfs-utils' package(s) announced via the ELSA-2012-0310 advisory.
Descripción:	Summary: The remote host is missing an update for the 'nfs-utils' package(s) announced via the ELSA-2012-0310 advisory. Vulnerability Insight: [1.0.9-60.0.1.el5] - Add support for resvport for unmonting [orabug 13567018] [1.0.9-60] - Updated idmapd.conf and idmapd.conf.man to reflect the static user name mapping (502707) - Fixed an umount regression introduced by bz 513094 (bz 781931) [1.0.9-59] - gss: turned of even more excessive syslogs (bz 593097) - mount.nfs: Ignored the SIGXFSZ when handling RLIMIT_FSIZE changes (bz 697979) [1.0.9-58] - gss: turned off more excessive syslogs (bz 593097) - initfiles: more initscripts improvements (bz 710020) - specfile: correct typo when nfsnobodys gid already exists (bz 729603) [1.0.9-57] - Mount fails to anticipate RLIMIT_FSIZE (bz 697979,CVE-2011-1749) [1.0.9-56] - Removed sim crash support (bz 600497) - initfiles: more initscripts improvements (bz 710020) - mount: Don't wait for TCP to timeout twice (bz 736677) [1.0.9-55] - mount: fixed the -o retry option to retry the given amount (bz 736677) - manpage: removed the -o fsc option (bz 715523) - nfsstat: show v4 mounts with -m flag (bz 712438) - mount: allow insecure ports with mounts (bz 513094) - gss: turned off excessive syslogs (bz 593097) - mountd: allow v2 and v3 to be disabled (bz 529588) - specfile: make sure nfsnobodys gid changes when it exists (bz 729603) - initfiles: initscripts improvements (bz 710020) Affected Software/OS: 'nfs-utils' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 3.3 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1749 RHSA-2011:1534 http://rhn.redhat.com/errata/RHSA-2011-1534.html RHSA-2012:0310 http://rhn.redhat.com/errata/RHSA-2012-0310.html [oss-security] 20140425 Re: CVE request: CVE-2011-1089-like flaw in mount.nfs http://www.openwall.com/lists/oss-security/2011/04/25/5 http://sourceforge.net/projects/nfs/files/nfs-utils/1.2.4/Changelog-nfs-utils-1.2.4/download https://bugzilla.redhat.com/show_bug.cgi?id=697975
Copyright	Copyright (C) 2015 Greenbone AG