Búsqueda de    
Vulnerabilidad   
    Buscar 211766 Descripciones CVE y
97459 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.4.2019.1364.2
Categoría:SuSE Local Security Checks
Título:SUSE: Security Advisory (SUSE-SU-2019:1364-2)
Resumen:The remote host is missing an update for the 'systemd' package(s) announced via the SUSE-SU-2019:1364-2 advisory.
Descripción:Summary:
The remote host is missing an update for the 'systemd' package(s) announced via the SUSE-SU-2019:1364-2 advisory.

Vulnerability Insight:
This update for systemd fixes the following issues:

Security issues fixed:
CVE-2019-3842: Fixed a privilege escalation in pam_systemd which could
be exploited by a local user (bsc#1132348).

CVE-2019-6454: Fixed a denial of service via crafted D-Bus message
(bsc#1125352).

CVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where
services with DynamicUser could gain new privileges or create SUID/SGID
binaries (bsc#1133506, bsc#1133509).

Non-security issued fixed:
logind: fix killing of scopes (bsc#1125604)

namespace: make MountFlags=shared work again (bsc#1124122)

rules: load drivers only on 'add' events (bsc#1126056)

sysctl: Don't pass null directive argument to '%s' (bsc#1121563)

systemd-coredump: generate a stack trace of all core dumps and log into
the journal (jsc#SLE-5933)

udevd: notify when max number value of children is reached only once per
batch of events (bsc#1132400)

sd-bus: bump message queue size again (bsc#1132721)

Do not automatically online memory on s390x (bsc#1127557)

Removed sg.conf (bsc#1036463)

Affected Software/OS:
'systemd' package(s) on SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1, SUSE Linux Enterprise Module for Basesystem 15-SP1

Solution:
Please install the updated package(s).

CVSS Score:
4.9

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-3842
https://www.exploit-db.com/exploits/46743/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STR36RJE4ZZIORMDXRERVBHMPRNRTHAC/
http://packetstormsecurity.com/files/152610/systemd-Seat-Verification-Active-Session-Spoofing.html
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/04/msg00022.html
SuSE Security Announcement: openSUSE-SU-2019:1450 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00062.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-3843
BugTraq ID: 108116
http://www.securityfocus.com/bid/108116
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/
https://usn.ubuntu.com/4269-1/
Common Vulnerability Exposure (CVE) ID: CVE-2019-3844
BugTraq ID: 108096
http://www.securityfocus.com/bid/108096
Common Vulnerability Exposure (CVE) ID: CVE-2019-6454
BugTraq ID: 107081
http://www.securityfocus.com/bid/107081
Debian Security Information: DSA-4393-1 (Google Search)
https://www.debian.org/security/2019/dsa-4393
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N67IOBOTDOMVNQJ5QRU2MXLEECXPGNVJ/
https://github.com/systemd/systemd/commits/master/src/libsystemd/sd-bus/bus-objects.c
https://lists.debian.org/debian-lts-announce/2019/02/msg00031.html
http://www.openwall.com/lists/oss-security/2019/02/18/3
http://www.openwall.com/lists/oss-security/2019/02/19/1
RedHat Security Advisories: RHSA-2019:0368
https://access.redhat.com/errata/RHSA-2019:0368
RedHat Security Advisories: RHSA-2019:0990
https://access.redhat.com/errata/RHSA-2019:0990
RedHat Security Advisories: RHSA-2019:1322
https://access.redhat.com/errata/RHSA-2019:1322
RedHat Security Advisories: RHSA-2019:1502
https://access.redhat.com/errata/RHSA-2019:1502
RedHat Security Advisories: RHSA-2019:2805
https://access.redhat.com/errata/RHSA-2019:2805
SuSE Security Announcement: SUSE-SA:2019:0255-1 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00070.html
https://usn.ubuntu.com/3891-1/
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 97459 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2021 E-Soft Inc. Todos los derechos reservados.