19 matches found
Scientific Linux Security Update : util-linux on SL5.x, SL4.x, SL3.x i386/x86_64
A flaw was discovered in the way that the mount and umount utilities used the setuid and setgid functions, which could lead to privileges being dropped improperly. A local user could use this flaw to run mount helper applications such as, mount.nfs, with additional privileges CVE-2007-5191...
VMSA-2008-0001 : Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
I Service Console package security updates a. OpenPegasus PAM Authentication Buffer Overflow Alexander Sotirov from VMware Security Research discovered a buffer overflow vulnerability in the OpenPegasus Management server. This flaw could be exploited by a malicious remote user on the service...
CentOS 3 / 4 : util-linux (CESA-2007:0969)
Updated util-linux packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The util-linux package contains a large variety of low-level system utilities that...
Mandriva Update for util-linux MDKSA-2007:198 (util-linux)
Check for the Version of util-linux OpenVAS Vulnerability Test Mandriva Update for util-linux MDKSA-2007:198 util-linux Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
Fedora Update for util-linux FEDORA-2007-722
Check for the Version of util-linux OpenVAS Vulnerability Test Fedora Update for util-linux FEDORA-2007-722 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Fedora Update for util-linux FEDORA-2007-722
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for util-linux FEDORA-2007-2462
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200710-18 (util-linux)
The remote host is missing updates announced in advisory GLSA 200710-18. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1449-1 : loop-aes-utils - programming error
It was discovered that loop-aes-utils, tools for mounting and manipulating filesystems, didn't drop privileged user and group permissions in the correct order in the mount and umount commands. This could potentially allow a local user to gain additional privileges. %NASLMINLEVEL 70300 C Tenable...
[SECURITY] [DSA 1449-1] New loop-aes-utils packages fix programming error
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1449-1 [email protected] http://www.debian.org/security/ Steve Kemp January 05, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1449-1] New loop-aes-utils packages fix programming error
------------------------------------------------------------------------ Debian Security Advisory DSA-1449-1 [email protected] http://www.debian.org/security/ Steve Kemp January 05, 2008 http://www.debian.org/security/faq -...
Moderate: util-linux security update
2.11y-31.24 - fix 324431 - CVE-2007-5191 util-linux mount doesn't drop privileges properly when calling helpers...
losetup, mount, util security update
CentOS Errata and Security Advisory CESA-2007:0969 Updated util-linux packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The util-linux package contains...
Fedora 7 : util-linux-2.13-0.54.1.fc7 (2007-2462)
Mon Oct 8 2007 Karel Zak 2.13-0.54.1 - fix 320131 - CVE-2007-5191 util-linux umount doesn't drop privileges properly when calling helpers F7 - Wed Aug 8 2007 Karel Zak 2.13-0.54 - backport mount relatime patch - Thu Aug 2 2007 Karel Zak 2.13-0.53 - fix 236848 - mount/fstab.c:lockmtab should open...
Mandrake Linux Security Advisory : util-linux (MDKSA-2007:198)
The mount and umount programs in util-linux called the setuid and setgid functions in the wrong order and did not check the return values, which could allow attackers to grain privileges via helper applications such as mount.nfs. Updated packages have been patched to fix this issue. %NASLMINLEVEL...
rPSA-2007-0212-1 util-linux
rPath Security Advisory: 2007-0212-1 Published: 2007-10-08 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Local Root Deterministic Privilege Escalation Updated Versions: util-linux=/conary.rpath.com@rpl:devel//1/2.12r-1.5-1 rPath Issue Tracking System:...
CVE-2007-5191
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs...
CVE-2007-5191
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs...
CVE-2007-5191
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs...