Gentoo Security Advisory GLSA 201101-07 (Prewikka) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201101-07.

Solution

All Prewikka users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-analyzer/prewikka-0.9.14-r2' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201101-07 http://bugs.gentoo.org/show_bug.cgi?id=270056

Insight

Due to a world-readable file, a local attacker can obtain the SQL database password used by Prewikka.

Severity

Classification

CVE CVE-2010-2058

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Gentoo Security Advisory GLSA 200801-03 (claws-mail)
Gentoo Security Advisory GLSA 200504-25 (rkhunter)
Gentoo Security Advisory GLSA 200704-11 (vixie-cron)
Gentoo Security Advisory GLSA 200501-43 (f2c)
Gentoo Security Advisory GLSA 200506-16 (cpio)

Take action and discover your vulnerabilities