SuSE 11 Security Update : acl and libacl (SAT Patch Number 1804)

Low Nessus Plugin ID 44376

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

The setfacl tool followed symbolic links in recursive (-R) mode even if the --physical (-P) option was specified (CVE-2009-4411). This has been fixed.

Solution

Apply SAT patch number 1804.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=567090

http://support.novell.com/security/cve/CVE-2009-4411.html

Plugin Details

Severity: Low

ID: 44376

File Name: suse_11_acl-100115.nasl

Version: 1.11

Type: local

Agent: unix

Published: 2010/02/02

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: Low

CVSS v2.0

Base Score: 3.7

Vector: CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:acl, p-cpe:/a:novell:suse_linux:11:libacl, p-cpe:/a:novell:suse_linux:11:libacl-32bit, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2010/01/15

Reference Information

CVE: CVE-2009-4411

CWE: 264