Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2012:138 (acpid)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.71817

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2012:138 (acpid)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to acpid
announced via advisory MDVSA-2012:138.

A vulnerability has been discovered and corrected in acpid:

Helmut Grohne and Michael Biebl discovered that ACPI scripts were
executed with a permissive file mode creation mask (umask). A local
attacker could read files and modify directories created by ACPI
scripts that did not set a strict umask (CVE-2011-4578).

The updated packages have been patched to correct this issue.

Affected: Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:138

Risk factor : High

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-4578
MDVSA-2012:138
http://www.mandriva.com/security/advisories?name=MDVSA-2012:138
[oss-security] 20111206 Re: CVE request: acpid
http://www.openwall.com/lists/oss-security/2011/12/06/3
http://sourceforge.net/u/tedfelix/acpid2/ci/02d0bf29207f17996936ab652717855b15873901/tree/Changelog?force=True
https://bugs.launchpad.net/ubuntu/+source/acpid/+bug/893821
https://bugzilla.redhat.com/show_bug.cgi?id=760984

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.71817
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2012:138 (acpid)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to acpid announced via advisory MDVSA-2012:138. A vulnerability has been discovered and corrected in acpid: Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask (umask). A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask (CVE-2011-4578). The updated packages have been patched to correct this issue. Affected: Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:138 Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4578 MDVSA-2012:138 http://www.mandriva.com/security/advisories?name=MDVSA-2012:138 [oss-security] 20111206 Re: CVE request: acpid http://www.openwall.com/lists/oss-security/2011/12/06/3 http://sourceforge.net/u/tedfelix/acpid2/ci/02d0bf29207f17996936ab652717855b15873901/tree/Changelog?force=True https://bugs.launchpad.net/ubuntu/+source/acpid/+bug/893821 https://bugzilla.redhat.com/show_bug.cgi?id=760984
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com