ID de Prueba:	1.3.6.1.4.1.25623.1.0.67309
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:077 (nss_db)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to nss_db announced via advisory MDVSA-2010:077. A vulnerability has been found and corrected in nss_db: The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module (CVE-2010-0826). The updated packages have been patched to correct this issue. Affected: 2010.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:077 Risk factor : Low CVSS Score: 1.9
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0826 BugTraq ID: 39132 http://www.securityfocus.com/bid/39132 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038760.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:077 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10727 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6681 http://secunia.com/advisories/39165 http://www.ubuntu.com/usn/USN-922-1 http://www.vupen.com/english/advisories/2010/0776 http://www.vupen.com/english/advisories/2010/0841 http://www.vupen.com/english/advisories/2010/0903
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.