Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2012-0304)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123970

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2012-0304)

Resumen: The remote host is missing an update for the 'vixie-cron' package(s) announced via the ELSA-2012-0304 advisory.

Descripción: Summary:
The remote host is missing an update for the 'vixie-cron' package(s) announced via the ELSA-2012-0304 advisory.

Vulnerability Insight:
[4:4.1-81]
- 455664 adoptions of crontab orphans, forgot add buffer for list of
orphans
- Related: rhbz#455664

[4:4.1-80]
- 654961 crond process ignores the changes of user's home directory needs
bigger changes of code. The fix wasn't applied, detail in comment#11.
- Related: rhbz#249512

[4:4.1-79]
- CVE-2010-0424 vixie-cron, cronie: Race condition by setting timestamp
of user's crontab file, when editing the file
- Resolves: rhbz#741534

[4:4.1-78]
- 625016 - crond requires a restart if mcstransd is stopped
- Resolves: rhbz#625016

[4:4.1-78]
- 460070 entries in cronjobs in /etc/cron.d are checked for valid syntax
- Resolves: rhbz#460070

[4:4.1-78]
- 455664 adoptions of crontab orphans
- 249512 crontab should verify a user's access to PAM cron service
- Resolves: rhbz#455664, rhbz#249512

[4:4.1-78]
- 699621 and 699620 man page fix
- 529632 service crond status return correct status
- 480930 set correct pie options in CFLAGS and LDFLAGS
- 476972 crontab error with @reboot entry
- Resolves: rhbz#699621, rhbz#699620, rhbz#529632, rhbz#480930, rhbz#476972

Affected Software/OS:
'vixie-cron' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
3.3

CVSS Vector:
AV:L/AC:M/Au:N/C:N/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0424
38391
http://www.securityfocus.com/bid/38391
38700
http://secunia.com/advisories/38700
38741
http://secunia.com/advisories/38741
48104
http://secunia.com/advisories/48104
FEDORA-2010-2751
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035762.html
http://git.fedorahosted.org/git/cronie.git?p=cronie.git%3Ba=commit%3Bh=9e4a8fa5f9171fb724981f53879c9b20264aeb61
https://bugzilla.redhat.com/show_bug.cgi?id=565809

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123970
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2012-0304)
Resumen:	The remote host is missing an update for the 'vixie-cron' package(s) announced via the ELSA-2012-0304 advisory.
Descripción:	Summary: The remote host is missing an update for the 'vixie-cron' package(s) announced via the ELSA-2012-0304 advisory. Vulnerability Insight: [4:4.1-81] - 455664 adoptions of crontab orphans, forgot add buffer for list of orphans - Related: rhbz#455664 [4:4.1-80] - 654961 crond process ignores the changes of user's home directory needs bigger changes of code. The fix wasn't applied, detail in comment#11. - Related: rhbz#249512 [4:4.1-79] - CVE-2010-0424 vixie-cron, cronie: Race condition by setting timestamp of user's crontab file, when editing the file - Resolves: rhbz#741534 [4:4.1-78] - 625016 - crond requires a restart if mcstransd is stopped - Resolves: rhbz#625016 [4:4.1-78] - 460070 entries in cronjobs in /etc/cron.d are checked for valid syntax - Resolves: rhbz#460070 [4:4.1-78] - 455664 adoptions of crontab orphans - 249512 crontab should verify a user's access to PAM cron service - Resolves: rhbz#455664, rhbz#249512 [4:4.1-78] - 699621 and 699620 man page fix - 529632 service crond status return correct status - 480930 set correct pie options in CFLAGS and LDFLAGS - 476972 crontab error with @reboot entry - Resolves: rhbz#699621, rhbz#699620, rhbz#529632, rhbz#480930, rhbz#476972 Affected Software/OS: 'vixie-cron' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 3.3 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0424 38391 http://www.securityfocus.com/bid/38391 38700 http://secunia.com/advisories/38700 38741 http://secunia.com/advisories/38741 48104 http://secunia.com/advisories/48104 FEDORA-2010-2751 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035762.html http://git.fedorahosted.org/git/cronie.git?p=cronie.git%3Ba=commit%3Bh=9e4a8fa5f9171fb724981f53879c9b20264aeb61 https://bugzilla.redhat.com/show_bug.cgi?id=565809
Copyright	Copyright (C) 2015 Greenbone AG