Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2009:341 (dstat)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.66549

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2009:341 (dstat)

Resumen: The remote host is missing an update to dstat;announced via advisory MDVSA-2009:341.

Descripción: Summary:
The remote host is missing an update to dstat
announced via advisory MDVSA-2009:341.

Vulnerability Insight:
Multiple vulnerabilities has been found and corrected in dstat:

Multiple untrusted search path vulnerabilities in dstat before 0.7.0
allow local users to gain privileges via a Trojan horse Python module
in (1) the current working directory or (2) a certain subdirectory
of the current working directory (CVE-2009-3894, CVE-2009-4081).

This update provides a solution to these vulnerabilities.

Affected: Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
4.4

CVSS Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-3894
37131
http://www.securityfocus.com/bid/37131
37445
http://secunia.com/advisories/37445
37457
http://secunia.com/advisories/37457
60511
http://osvdb.org/60511
GLSA-200911-04
http://security.gentoo.org/glsa/glsa-200911-04.xml
MDVSA-2009:341
http://www.mandriva.com/security/advisories?name=MDVSA-2009:341
RHSA-2009:1619
http://www.redhat.com/support/errata/RHSA-2009-1619.html
http://bugs.gentoo.org/show_bug.cgi?id=293497
http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
https://bugzilla.redhat.com/show_bug.cgi?id=538459
oval:org.mitre.oval:def:8969
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8969
Common Vulnerability Exposure (CVE) ID: CVE-2009-4081

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.66549
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2009:341 (dstat)
Resumen:	The remote host is missing an update to dstat;announced via advisory MDVSA-2009:341.
Descripción:	Summary: The remote host is missing an update to dstat announced via advisory MDVSA-2009:341. Vulnerability Insight: Multiple vulnerabilities has been found and corrected in dstat: Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory (CVE-2009-3894, CVE-2009-4081). This update provides a solution to these vulnerabilities. Affected: Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3894 37131 http://www.securityfocus.com/bid/37131 37445 http://secunia.com/advisories/37445 37457 http://secunia.com/advisories/37457 60511 http://osvdb.org/60511 GLSA-200911-04 http://security.gentoo.org/glsa/glsa-200911-04.xml MDVSA-2009:341 http://www.mandriva.com/security/advisories?name=MDVSA-2009:341 RHSA-2009:1619 http://www.redhat.com/support/errata/RHSA-2009-1619.html http://bugs.gentoo.org/show_bug.cgi?id=293497 http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog https://bugzilla.redhat.com/show_bug.cgi?id=538459 oval:org.mitre.oval:def:8969 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8969 Common Vulnerability Exposure (CVE) ID: CVE-2009-4081
Copyright	Copyright (C) 2009 E-Soft Inc.