Test ID:	1.3.6.1.4.1.25623.1.0.58393
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2007:111 (util-linux)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to util-linux announced via advisory MDKSA-2007:111. login in util-linux-2.12a (and later versions) skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok. Updated packages have been patched to address this issue. Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:111 Risk factor : Medium CVSS Score: 4.1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-7108 BugTraq ID: 24321 http://www.securityfocus.com/bid/24321 http://www.mandriva.com/security/advisories?name=MDKSA-2007:111 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9689 http://www.redhat.com/support/errata/RHSA-2007-0235.html http://secunia.com/advisories/25098 http://secunia.com/advisories/25530 http://secunia.com/advisories/25692 http://secunia.com/advisories/25935
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.