Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2010-2059
Description:lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file.
Test IDs: 1.3.6.1.4.1.25623.1.0.67908   1.3.6.1.4.1.25623.1.0.67683   1.3.6.1.4.1.25623.1.0.67694   1.3.6.1.4.1.25623.1.0.68110   1.3.6.1.4.1.25623.1.0.122323   1.3.6.1.4.1.25623.1.0.880603  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-2059
Bugtraq: 20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. (Google Search)
http://www.securityfocus.com/archive/1/516909/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2010:180
http://www.openwall.com/lists/oss-security/2010/06/02/2
http://www.openwall.com/lists/oss-security/2010/06/02/3
http://marc.info/?l=oss-security&m=127559059928131&w=2
http://www.openwall.com/lists/oss-security/2010/06/03/5
http://www.openwall.com/lists/oss-security/2010/06/04/1
http://lists.vmware.com/pipermail/security-announce/2011/000126.html
http://www.osvdb.org/65143
RedHat Security Advisories: RHSA-2010:0679
http://www.redhat.com/support/errata/RHSA-2010-0679.html
http://secunia.com/advisories/40028
SuSE Security Announcement: SUSE-SR:2010:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
SuSE Security Announcement: SUSE-SR:2010:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
http://www.vupen.com/english/advisories/2011/0606




© 1998-2024 E-Soft Inc. All rights reserved.