Detections
Analytics

Fedora 19 : boinc-client-7.2.33-2.git1994cc8.fc19 (2013-23720)

high Nessus Plugin ID 71639

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

*Updates Boinc to 7.2.33. *Remove the 'Can't connect to boinc-client' notify at startup. *Fix 'GPU not detected' problem. *Fix security vulnerability #957811

**Please note for 'GPU not detected' bug** If you still have this problem after updating, you need to run boinc with your user, not with boinc user. To do that, add your user to boinc group: 'useradd -G boinc <your_username>'

Disable boinc daemon: 'systemctl disable boinc-client.service' 'systemctl stop boinc-client.service'

Change directory and files permissions: 'chmod -R g+rw /var/lib/boinc' 'chmod g+rw /var/log/boinc*'

Logout and login again. Now run boinc using this command (under your user): '/usr/bin/boinc_gpu' If you want to autostart boinc after login you need to configure your DE to do that. See instruction specific to your DE on how to do that.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected boinc-client package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=957771

https://bugzilla.redhat.com/show_bug.cgi?id=957795

http://www.nessus.org/u?6ccc3b59

Plugin Details

Severity: High

ID: 71639

File Name: fedora_2013-23720.nasl

Version: 1.8

Type: local

Agent: unix

Published: 12/27/2013

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:boinc-client, cpe:/o:fedoraproject:fedora:19

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 12/21/2013

Reference Information

CVE: CVE-2013-2298, CVE-2013-7386

BID: 59539

FEDORA: 2013-23720