Turbolinux Local Security Tests : Turbolinux TLSA-2006-21 (vixie-cron)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57270

Categoría: Turbolinux Local Security Tests

Título: Turbolinux TLSA-2006-21 (vixie-cron)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to vixie-cron
announced via advisory TLSA-2006-21.

The vixie-cron package contains the Vixie version of cron. Cron is a
standard UNIX daemon that runs specified programs at scheduled times.

Vixie cron does not check the return code of a setuid call.

This vulnerability may allow local users to obtain root privileges.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2006-21

Risk factor : High

CVSS Score:
7.2

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-2607
BugTraq ID: 18108
http://www.securityfocus.com/bid/18108
Bugtraq: 20060525 rPSA-2006-0082-1 vixie-cron (Google Search)
http://www.securityfocus.com/archive/1/435033/100/0/threaded
http://security.gentoo.org/glsa/glsa-200606-07.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10213
http://www.redhat.com/support/errata/RHSA-2006-0539.html
http://securitytracker.com/id?1016480
http://secunia.com/advisories/20380
http://secunia.com/advisories/20388
http://secunia.com/advisories/20616
http://secunia.com/advisories/21032
http://secunia.com/advisories/21702
http://secunia.com/advisories/35318
SuSE Security Announcement: SUSE-SA:2006:027 (Google Search)
http://www.novell.com/linux/security/advisories/2006-05-32.html
https://usn.ubuntu.com/778-1/
http://www.vupen.com/english/advisories/2006/2075
XForce ISS Database: vixie-cron-docommand-gain-privilege(26691)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26691

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57270
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2006-21 (vixie-cron)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to vixie-cron announced via advisory TLSA-2006-21. The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. Vixie cron does not check the return code of a setuid call. This vulnerability may allow local users to obtain root privileges. Solution: Please use the turbopkg (zabom) tool to apply the update. https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2006-21 Risk factor : High CVSS Score: 7.2
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2607 BugTraq ID: 18108 http://www.securityfocus.com/bid/18108 Bugtraq: 20060525 rPSA-2006-0082-1 vixie-cron (Google Search) http://www.securityfocus.com/archive/1/435033/100/0/threaded http://security.gentoo.org/glsa/glsa-200606-07.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10213 http://www.redhat.com/support/errata/RHSA-2006-0539.html http://securitytracker.com/id?1016480 http://secunia.com/advisories/20380 http://secunia.com/advisories/20388 http://secunia.com/advisories/20616 http://secunia.com/advisories/21032 http://secunia.com/advisories/21702 http://secunia.com/advisories/35318 SuSE Security Announcement: SUSE-SA:2006:027 (Google Search) http://www.novell.com/linux/security/advisories/2006-05-32.html https://usn.ubuntu.com/778-1/ http://www.vupen.com/english/advisories/2006/2075 XForce ISS Database: vixie-cron-docommand-gain-privilege(26691) https://exchange.xforce.ibmcloud.com/vulnerabilities/26691
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com