Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.61833 |
Category: | Fedora Local Security Checks |
Title: | Fedora Core 9 FEDORA-2008-9458 (rgmanager) |
Summary: | NOSUMMARY |
Description: | Description: The remote host is missing an update to rgmanager announced via advisory FEDORA-2008-9458. Update Information: A major code audit did show several unsecure use of /tmp. This update addresses those issues across the whole code. ChangeLog: * Fri Oct 31 2008 Fabio M. Di Nitto - 2.03.09-1 - New upstream release Fix rhbz#468966 Addresses several security issues similar to CVE-2008-4192 and CVE-2008-4579 after deep code audit from upstream - cleanup patches to match 2.6.26 kernel in F-9 * Tue Oct 21 2008 Fabio M. Di Nitto - 2.03.08-1 - New upstream release Fix rhbz#460376 CVE-2008-4192 Fix rhbz#467386 CVE-2008-4579 - cleanup/update patches to match 2.6.26 kernel in F-9 References: [ 1 ] Bug #468966 - Possible buffer overflow in cman config loader can lead to memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=468966 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update rgmanager' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2008-9458 Risk factor : High CVSS Score: 6.9 |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-4192 BugTraq ID: 30898 http://www.securityfocus.com/bid/30898 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html http://uvw.ru/report.lenny.txt http://www.openwall.com/lists/oss-security/2008/09/18/3 http://www.openwall.com/lists/oss-security/2008/09/24/2 http://www.openwall.com/lists/oss-security/2008/10/30/2 http://www.redhat.com/support/errata/RHSA-2011-0266.html http://secunia.com/advisories/31887 http://secunia.com/advisories/32387 http://secunia.com/advisories/32390 http://secunia.com/advisories/43362 http://www.ubuntu.com/usn/USN-875-1 http://www.vupen.com/english/advisories/2011/0419 XForce ISS Database: cman-fenceegenera-symlink(44845) https://exchange.xforce.ibmcloud.com/vulnerabilities/44845 Common Vulnerability Exposure (CVE) ID: CVE-2008-4579 BugTraq ID: 31904 http://www.securityfocus.com/bid/31904 http://bugs.gentoo.org/show_bug.cgi?id=240576 http://www.openwall.com/lists/oss-security/2008/10/13/3 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10799 http://www.redhat.com/support/errata/RHSA-2009-1341.html http://secunia.com/advisories/36530 |
Copyright | Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |