ID de Prueba:	1.3.6.1.4.1.25623.1.0.52830
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2005-14 (openssl)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to openssl announced via advisory TLSA-2005-14. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. A vulnerability in the manner in which openssl handles temporary files could allow local users to overwrite arbitrary files via a symlink attack. This vulerability may allow local users to overwrite arbitrary files via a symbolic link attack. Solution: Please use the turbopkg (zabom) tool to apply the update. https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-14 Risk factor : Medium CVSS Score: 2.1
Referencia Cruzada:	BugTraq ID: 11293 Common Vulnerability Exposure (CVE) ID: CVE-2004-0975 http://www.securityfocus.com/bid/11293 Debian Security Information: DSA-603 (Google Search) http://www.debian.org/security/2004/dsa-603 http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10621 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A164 http://www.redhat.com/support/errata/RHSA-2005-476.html http://secunia.com/advisories/12973 http://www.trustix.org/errata/2004/0050 XForce ISS Database: script-temporary-file-overwrite(17583) https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.