ID de Prueba:	1.3.6.1.4.1.25623.1.0.50915
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:159 (glibc)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to glibc announced via advisory MDKSA-2004:159. The Trustix developers discovered that the catchsegv and glibcbug utilities, part of the glibc package, created temporary files in an insecure manner. This could allow for a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program. The updated packages have been patched to correct this issue. Affected versions: 10.0, 10.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2004:159 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0968 Risk factor : Medium CVSS Score: 2.1
Referencia Cruzada:	BugTraq ID: 11286 Common Vulnerability Exposure (CVE) ID: CVE-2004-0968 http://www.securityfocus.com/bid/11286 Debian Security Information: DSA-636 (Google Search) http://www.debian.org/security/2005/dsa-636 http://security.gentoo.org/glsa/glsa-200410-19.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9523 http://www.redhat.com/support/errata/RHSA-2004-586.html http://www.redhat.com/support/errata/RHSA-2005-261.html http://www.trustix.org/errata/2004/0050 https://www.ubuntu.com/usn/usn-4-1/ XForce ISS Database: script-temporary-file-overwrite(17583) https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.