ID de Prueba:	1.3.6.1.4.1.25623.1.0.59032
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:198 (util-linux)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to util-linux announced via advisory MDKSA-2007:198. The mount and umount programs in util-linux called the setuid() and setgid() functions in the wrong order and did not check the return values, which could allow attackers to grain privileges via helper applications such as mount.nfs. Updated packages have been patched to fix this issue. Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:198 Risk factor : High CVSS Score: 6.9
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5191 BugTraq ID: 25973 http://www.securityfocus.com/bid/25973 Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/485936/100/0/threaded Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/486859/100/0/threaded Debian Security Information: DSA-1449 (Google Search) http://www.debian.org/security/2008/dsa-1449 Debian Security Information: DSA-1450 (Google Search) http://www.debian.org/security/2008/dsa-1450 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html http://security.gentoo.org/glsa/glsa-200710-18.xml http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198 http://lists.vmware.com/pipermail/security-announce/2008/000002.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101 http://www.redhat.com/support/errata/RHSA-2007-0969.html http://www.securitytracker.com/id?1018782 http://secunia.com/advisories/27104 http://secunia.com/advisories/27122 http://secunia.com/advisories/27145 http://secunia.com/advisories/27188 http://secunia.com/advisories/27283 http://secunia.com/advisories/27354 http://secunia.com/advisories/27399 http://secunia.com/advisories/27687 http://secunia.com/advisories/28348 http://secunia.com/advisories/28349 http://secunia.com/advisories/28368 http://secunia.com/advisories/28469 SuSE Security Announcement: SUSE-SR:2007:022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://www.ubuntu.com/usn/usn-533-1 http://www.vupen.com/english/advisories/2007/3417 http://www.vupen.com/english/advisories/2008/0064
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.