Trustix Local Security Checks : Trustix Security Advisory TSLSA-2005-0053 (unzip)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55500

Categoría: Trustix Local Security Checks

Título: Trustix Security Advisory TSLSA-2005-0053 (unzip)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory TSLSA-2005-0053.

unzip < TSL 3.0 > < TSL 2.2 >
- SECURITY Fix: Fix Race condition that allows local users to modify
permissions of arbitrary files via a hard link attack on a file while
it is being decompressed, whose permissions are changed by Unzip after
the decompression is complete.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2005-2475 to this issue.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2005-0053

Risk factor : Low

CVSS Score:
1.2

Referencia Cruzada: BugTraq ID: 14450
Common Vulnerability Exposure (CVE) ID: CVE-2005-2475
http://www.securityfocus.com/bid/14450
Bugtraq: 20050801 unzip TOCTOU file-permissions vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=112300046224117&w=2
Debian Security Information: DSA-903 (Google Search)
http://www.debian.org/security/2005/dsa-903
http://www.mandriva.com/security/advisories?name=MDKSA-2005:197
http://www.osvdb.org/18530
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9975
http://www.redhat.com/support/errata/RHSA-2007-0203.html
SCO Security Bulletin: SCOSA-2005.39
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.39/SCOSA-2005.39.txt
http://secunia.com/advisories/16309
http://secunia.com/advisories/16985
http://secunia.com/advisories/17006
http://secunia.com/advisories/17045
http://secunia.com/advisories/17342
http://secunia.com/advisories/17653
http://secunia.com/advisories/25098
http://securityreason.com/securityalert/32
http://www.trustix.org/errata/2005/0053/
http://www.ubuntu.com/usn/usn-191-1

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55500
Categoría:	Trustix Local Security Checks
Título:	Trustix Security Advisory TSLSA-2005-0053 (unzip)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory TSLSA-2005-0053. unzip < TSL 3.0 > < TSL 2.2 > - SECURITY Fix: Fix Race condition that allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-2475 to this issue. Solution: Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2005-0053 Risk factor : Low CVSS Score: 1.2
Referencia Cruzada:	BugTraq ID: 14450 Common Vulnerability Exposure (CVE) ID: CVE-2005-2475 http://www.securityfocus.com/bid/14450 Bugtraq: 20050801 unzip TOCTOU file-permissions vulnerability (Google Search) http://marc.info/?l=bugtraq&m=112300046224117&w=2 Debian Security Information: DSA-903 (Google Search) http://www.debian.org/security/2005/dsa-903 http://www.mandriva.com/security/advisories?name=MDKSA-2005:197 http://www.osvdb.org/18530 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9975 http://www.redhat.com/support/errata/RHSA-2007-0203.html SCO Security Bulletin: SCOSA-2005.39 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.39/SCOSA-2005.39.txt http://secunia.com/advisories/16309 http://secunia.com/advisories/16985 http://secunia.com/advisories/17006 http://secunia.com/advisories/17045 http://secunia.com/advisories/17342 http://secunia.com/advisories/17653 http://secunia.com/advisories/25098 http://securityreason.com/securityalert/32 http://www.trustix.org/errata/2005/0053/ http://www.ubuntu.com/usn/usn-191-1
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com