15 matches found
Oracle: Security Advisory (ELSA-2009-1642)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OracleVM 2.2 : acpid (OVMSA-2009-0037)
The remote OracleVM system is missing necessary patches to address critical security updates : - Resolves: 515062 CVE-2009-4033 acpid: log file created with random permissions - start acpid before hal - Resolves: 503177 - Updated the License entry - Fixed CVE-2009-0798 too many open files DoS -...
Oracle Linux 5 : acpid (ELSA-2009-1642)
The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2009-1642 advisory. 1.0.4-9.el54.1 - Resolves: 515062 CVE-2009-4033 acpid: log file created with random permissions Tenable has extracted the preceding description block directly...
Scientific Linux Security Update : acpid on SL5.x i386/x86_64
CVE-2009-4033 acpid: log file created with random permissions It was discovered that acpid could create its log file '/var/log/acpid' with random permissions on some systems. A local attacker could use this flaw to escalate their privileges if the log file was created as world-writable and with t...
CentOS Update for acpid CESA-2009:1642 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS 5 : acpid (CESA-2009:1642)
An updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. acpid is a daemon that dispatches ACPI Advanced Configuration and Power Interface events to...
CentOS Security Advisory CESA-2009:1642 (acpid)
The remote host is missing updates to acpid announced in advisory CESA-2009:1642. CESA-2009:1642 66619 2 $Id: ovcesa20091642.nasl 6650 2017-07-10 11:43:12Z cfischer $ Description: Auto-generated from advisory CESA-2009:1642 acpid Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
CentOS Security Advisory CESA-2009:1642 (acpid)
The remote host is missing updates to acpid announced in advisory CESA-2009:1642. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...
Important: Red Hat Security Advisory: rhev-hypervisor security and bug fix update
An updated rhev-hypervisor package that fixes security issues and several bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The rhev-hypervisor package provides a Red Hat Enterprise Virtualization RHEV Hypervisor ISO disk...
Red Hat acpid '/var/log/acpid'日志文件权限本地特权提升漏洞
Bugraq ID: 37249 CVE ID:CVE-2009-4033 Red Hat是一款流行的linux发行版本。 Red Hat Enterprise Linux 5包含的acpid以不安全权限建立日志文件/var/log/acpid。问题是由于使用OCREAT标记调用时open没有使用第三个参数,结果导致日志文件以全局可写建立,并设置setuid / setgid位,允许特权提升。 RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux 5 server 用户可参考如下安全公告获得补丁信息:...
CVE-2009-4033
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this...
CVE-2009-4033
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this...
CVE-2009-4033
A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this...
RHEL 5 : acpid (RHSA-2009:1642)
The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2009:1642 advisory. acpid is a daemon that dispatches ACPI Advanced Configuration and Power Interface events to user-space programs. It was discovered that acpid could...
Important: Red Hat Security Advisory: acpid security update
An updated acpid package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. acpid is a daemon that dispatches ACPI Advanced Configuration and Power Interface events to...