ID de Prueba:	1.3.6.1.4.1.25623.1.0.61689
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2008:208 (pam_mount)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to pam_mount announced via advisory MDVSA-2008:208. pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount. The updated packages have been patched to fix the issue. Affected: 2007.1, 2008.0, 2008.1, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2008:208 Risk factor : High CVSS Score: 6.9
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3970 BugTraq ID: 31041 http://www.securityfocus.com/bid/31041 http://www.mandriva.com/security/advisories?name=MDVSA-2008:208 http://www.openwall.com/lists/oss-security/2008/09/06/3 http://www.openwall.com/lists/oss-security/2008/09/09/12 http://sourceforge.net/mailarchive/forum.php?thread_name=alpine.LNX.1.10.0809042353120.17569%40fbirervta.pbzchgretzou.qr&forum_name=pam-mount-user SuSE Security Announcement: SUSE-SR:2008:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html XForce ISS Database: pammount-luserconf-privilege-escalation(44960) https://exchange.xforce.ibmcloud.com/vulnerabilities/44960
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.