Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2008:027 (pulseaudio)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60259

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDVSA-2008:027 (pulseaudio)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to pulseaudio
announced via advisory MDVSA-2008:027.

A programming flaw was found in Pulseaudio versions older than 0.9.9,
by which a local user can gain root access, if pulseaudio is installed
as a setuid to root binary, which is the recommended configuration.

The updated packages fix this issue.

Affected: 2007.1, 2008.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:027

Risk factor : High

CVSS Score:
7.2

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-0008
BugTraq ID: 27449
http://www.securityfocus.com/bid/27449
Debian Security Information: DSA-1476 (Google Search)
http://www.debian.org/security/2008/dsa-1476
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html
http://security.gentoo.org/glsa/glsa-200802-07.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:027
https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html
http://secunia.com/advisories/28608
http://secunia.com/advisories/28623
http://secunia.com/advisories/28738
http://secunia.com/advisories/28952
http://www.ubuntu.com/usn/usn-573-1
http://www.vupen.com/english/advisories/2008/0283
XForce ISS Database: pulseaudio-padroproot-privilege-escalation(39992)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39992

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60259
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:027 (pulseaudio)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to pulseaudio announced via advisory MDVSA-2008:027. A programming flaw was found in Pulseaudio versions older than 0.9.9, by which a local user can gain root access, if pulseaudio is installed as a setuid to root binary, which is the recommended configuration. The updated packages fix this issue. Affected: 2007.1, 2008.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:027 Risk factor : High CVSS Score: 7.2
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0008 BugTraq ID: 27449 http://www.securityfocus.com/bid/27449 Debian Security Information: DSA-1476 (Google Search) http://www.debian.org/security/2008/dsa-1476 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html http://security.gentoo.org/glsa/glsa-200802-07.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:027 https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html http://secunia.com/advisories/28608 http://secunia.com/advisories/28623 http://secunia.com/advisories/28738 http://secunia.com/advisories/28952 http://www.ubuntu.com/usn/usn-573-1 http://www.vupen.com/english/advisories/2008/0283 XForce ISS Database: pulseaudio-padroproot-privilege-escalation(39992) https://exchange.xforce.ibmcloud.com/vulnerabilities/39992
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com