Test ID:	1.3.6.1.4.1.25623.1.0.69013
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 201006-10 (multipath-tools)
Summary:	The remote host is missing updates announced in;advisory GLSA 201006-10.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 201006-10. Vulnerability Insight: multipath-tools does not set correct permissions on the socket file, making it possible to send arbitrary commands to the multipath daemon for local users. Solution: All multipath-tools users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=sys-fs/multipath-tools-0.4.8-r1' CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0115 Debian Security Information: DSA-1767 (Google Search) http://www.debian.org/security/2009/dsa-1767 https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html http://launchpad.net/bugs/cve/2009-0115 http://lists.vmware.com/pipermail/security-announce/2010/000082.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214 http://secunia.com/advisories/34418 http://secunia.com/advisories/34642 http://secunia.com/advisories/34694 http://secunia.com/advisories/34710 http://secunia.com/advisories/34759 http://secunia.com/advisories/38794 SuSE Security Announcement: SUSE-SR:2009:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html SuSE Security Announcement: SUSE-SR:2009:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://www.vupen.com/english/advisories/2010/0528
Copyright	Copyright (C) 2011 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.