ID de Prueba:	1.3.6.1.4.1.25623.1.0.55551
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2005:175 (texinfo)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to texinfo announced via advisory MDKSA-2005:175. Frank Lichtenheld has discovered that texindex insecurely creates temporary files with predictable filenames. This is exploitable if a local attacker were to create symbolic links in the temporary files directory, pointing to a valid file on the filesystem. When texindex is executed, the file would be overwitten with the rights of the user running texindex. The updated packages have been patched to correct this issue. Affected versions: 10.1, 10.2, 2006.0, Corporate 3.0, Corporate Server 2.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2005:175 Risk factor : Low CVSS Score: 1.2
Referencia Cruzada:	BugTraq ID: 14854 Common Vulnerability Exposure (CVE) ID: CVE-2005-3011 http://lists.apple.com/archives/security-announce/2007/May/msg00004.html http://www.securityfocus.com/bid/14854 Bugtraq: 20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates (Google Search) http://www.securityfocus.com/archive/1/464745/100/0/threaded Debian Security Information: DSA-1219 (Google Search) http://www.debian.org/security/2006/dsa-1219 FreeBSD Security Advisory: FreeBSD-SA-06:01 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:01.texindex.asc http://www.gentoo.org/security/en/glsa/glsa-200510-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:175 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=328365 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10589 http://www.redhat.com/support/errata/RHSA-2006-0727.html http://securitytracker.com/id?1014992 http://securitytracker.com/id?1015468 http://secunia.com/advisories/16816 http://secunia.com/advisories/17070 http://secunia.com/advisories/17076 http://secunia.com/advisories/17093 http://secunia.com/advisories/17211 http://secunia.com/advisories/17215 http://secunia.com/advisories/18401 http://secunia.com/advisories/22929 http://secunia.com/advisories/23112 http://secunia.com/advisories/24788 http://secunia.com/advisories/25402 SGI Security Advisory: 20061101-01-P ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P SuSE Security Announcement: SUSE-SR:2005:023 (Google Search) http://www.novell.com/linux/security/advisories/2005_23_sr.html http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://www.ubuntu.com/usn/usn-194-1 http://www.vupen.com/english/advisories/2007/1267 http://www.vupen.com/english/advisories/2007/1939
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.