Red Hat Local Security Checks : RedHat Security Advisory RHSA-2009:1642

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.66358

Category: Red Hat Local Security Checks

Title: RedHat Security Advisory RHSA-2009:1642

Summary: The remote host is missing updates announced in;advisory RHSA-2009:1642.;;acpid is a daemon that dispatches ACPI (Advanced Configuration and Power;Interface) events to user-space programs.;;It was discovered that acpid could create its log file (/var/log/acpid);with random permissions on some systems. A local attacker could use this;flaw to escalate their privileges if the log file was created as;world-writable and with the setuid or setgid bit set. (CVE-2009-4033);;Please note that this flaw was due to a Red Hat-specific patch;(acpid-1.0.4-fd.patch) included in the Red Hat Enterprise Linux 5 acpid;package.;;Users are advised to upgrade to this updated package, which contains a;backported patch to correct this issue.

Description: Summary:
The remote host is missing updates announced in
advisory RHSA-2009:1642.

acpid is a daemon that dispatches ACPI (Advanced Configuration and Power
Interface) events to user-space programs.

It was discovered that acpid could create its log file (/var/log/acpid)
with random permissions on some systems. A local attacker could use this
flaw to escalate their privileges if the log file was created as
world-writable and with the setuid or setgid bit set. (CVE-2009-4033)

Please note that this flaw was due to a Red Hat-specific patch
(acpid-1.0.4-fd.patch) included in the Red Hat Enterprise Linux 5 acpid
package.

Users are advised to upgrade to this updated package, which contains a
backported patch to correct this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-4033
1023284
http://securitytracker.com/id?1023284
37249
http://www.securityfocus.com/bid/37249
MDVSA-2009:342
http://www.mandriva.com/security/advisories?name=MDVSA-2009:342
RHSA-2009:1642
http://www.redhat.com/support/errata/RHSA-2009-1642.html
acpid-logfile-privilege-escalation(54677)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54677
https://bugzilla.redhat.com/show_bug.cgi?id=515062
https://bugzilla.redhat.com/show_bug.cgi?id=542926
oval:org.mitre.oval:def:10555
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10555

Copyright Copyright (C) 2009 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.66358
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2009:1642
Summary:	The remote host is missing updates announced in;advisory RHSA-2009:1642.;;acpid is a daemon that dispatches ACPI (Advanced Configuration and Power;Interface) events to user-space programs.;;It was discovered that acpid could create its log file (/var/log/acpid);with random permissions on some systems. A local attacker could use this;flaw to escalate their privileges if the log file was created as;world-writable and with the setuid or setgid bit set. (CVE-2009-4033);;Please note that this flaw was due to a Red Hat-specific patch;(acpid-1.0.4-fd.patch) included in the Red Hat Enterprise Linux 5 acpid;package.;;Users are advised to upgrade to this updated package, which contains a;backported patch to correct this issue.
Description:	Summary: The remote host is missing updates announced in advisory RHSA-2009:1642. acpid is a daemon that dispatches ACPI (Advanced Configuration and Power Interface) events to user-space programs. It was discovered that acpid could create its log file (/var/log/acpid) with random permissions on some systems. A local attacker could use this flaw to escalate their privileges if the log file was created as world-writable and with the setuid or setgid bit set. (CVE-2009-4033) Please note that this flaw was due to a Red Hat-specific patch (acpid-1.0.4-fd.patch) included in the Red Hat Enterprise Linux 5 acpid package. Users are advised to upgrade to this updated package, which contains a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4033 1023284 http://securitytracker.com/id?1023284 37249 http://www.securityfocus.com/bid/37249 MDVSA-2009:342 http://www.mandriva.com/security/advisories?name=MDVSA-2009:342 RHSA-2009:1642 http://www.redhat.com/support/errata/RHSA-2009-1642.html acpid-logfile-privilege-escalation(54677) https://exchange.xforce.ibmcloud.com/vulnerabilities/54677 https://bugzilla.redhat.com/show_bug.cgi?id=515062 https://bugzilla.redhat.com/show_bug.cgi?id=542926 oval:org.mitre.oval:def:10555 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10555
Copyright	Copyright (C) 2009 E-Soft Inc.