CentOS Local Security Checks : CentOS Security Advisory CESA-2010:0678 (rpm)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.68107
Category:	CentOS Local Security Checks
Title:	CentOS Security Advisory CESA-2010:0678 (rpm)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates to rpm announced in advisory CESA-2010:0678. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. https://secure1.securityspace.com/smysecure/catid.html?in=CESA-2010:0678 https://secure1.securityspace.com/smysecure/catid.html?in=RHSA-2010:0678 https://rhn.redhat.com/errata/RHSA-2010-0678.html Risk factor : High CVSS Score: 7.2
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-4889 http://www.mandriva.com/security/advisories?name=MDVSA-2010:180 XForce ISS Database: rpm-setgid-privilege-escalation(59426) https://exchange.xforce.ibmcloud.com/vulnerabilities/59426 Common Vulnerability Exposure (CVE) ID: CVE-2010-2059 20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. http://www.securityfocus.com/archive/1/516909/100/0/threaded 40028 http://secunia.com/advisories/40028 65143 http://www.osvdb.org/65143 ADV-2011-0606 http://www.vupen.com/english/advisories/2011/0606 MDVSA-2010:180 RHSA-2010:0679 http://www.redhat.com/support/errata/RHSA-2010-0679.html SUSE-SR:2010:014 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html SUSE-SR:2010:017 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html [oss-security] 20100602 CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) http://www.openwall.com/lists/oss-security/2010/06/02/2 [oss-security] 20100602 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) http://www.openwall.com/lists/oss-security/2010/06/02/3 [oss-security] 20100603 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) http://marc.info/?l=oss-security&m=127559059928131&w=2 http://www.openwall.com/lists/oss-security/2010/06/03/5 [oss-security] 20100604 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH BZ#598775) http://www.openwall.com/lists/oss-security/2010/06/04/1 [security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm http://lists.vmware.com/pipermail/security-announce/2011/000126.html http://distrib-coffee.ipsl.jussieu.fr/pub/mirrors/rpm/files/rpm/rpm-4.4/rpm-4.4.3.tar.gz http://rpm.org/gitweb?p=rpm.git%3Ba=commit%3Bh=ca2d6b2b484f1501eafdde02e1688409340d2383 http://www.vmware.com/security/advisories/VMSA-2011-0004.html https://bugzilla.redhat.com/show_bug.cgi?id=125517 https://bugzilla.redhat.com/show_bug.cgi?id=598775
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com