ID de Prueba:	1.3.6.1.4.1.25623.1.0.52832
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2005-16 (shadow-utils)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to shadow-utils announced via advisory TLSA-2005-16. The shadow-utils package includes the necessary programs for converting UNIX password files to the shadow password format in addition to programs for managing user and group accounts. The passwd_check function in shadow-utils allows local users to conduct unauthorized activities if an error from a pam_chauthtok function call is not properly handled. This vulnerability may allow local users to bypass certain security restrictions. Solution: Please use the turbopkg (zabom) tool to apply the update. https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-16 Risk factor : Medium CVSS Score: 4.6
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1001 Conectiva Linux advisory: CLA-2004:894 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000894 Debian Security Information: DSA-585 (Google Search) http://www.debian.org/security/2004/dsa-585 http://secunia.com/advisories/13028 XForce ISS Database: shadow-pwdcheck-modify-account(17902) https://exchange.xforce.ibmcloud.com/vulnerabilities/17902
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.