Secunia Security Advisory - Mandriva has issued an update for util-linux. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
c7bfbab1c20c8f3ee6981770ed7775d146a6104cda6c5019a5098d44802a5b0f
----------------------------------------------------------------------
Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,700 different Windows applications.
Request your account, the Secunia Network Software Inspector (NSI):
http://secunia.com/network_software_inspector/
----------------------------------------------------------------------
TITLE:
Mandriva update for util-linux
SECUNIA ADVISORY ID:
SA27122
VERIFY ADVISORY:
http://secunia.com/advisories/27122/
CRITICAL:
Not critical
IMPACT:
Privilege escalation
WHERE:
Local system
OPERATING SYSTEM:
Mandriva Linux 2007
http://secunia.com/product/12165/
DESCRIPTION:
Mandriva has issued an update for util-linux. This fixes a
vulnerability, which can be exploited by malicious, local users to
perform certain actions with escalated privileges.
For more information:
SA27145
SOLUTION:
Apply updated packages.
Mandriva Linux 2007.0:
64440de5b0e17ede0ff6d5647ed2ff59
2007.0/i586/losetup-2.12r-8.3mdv2007.0.i586.rpm
15992ebb5aad91809aa77fd95d18ca0d
2007.0/i586/mount-2.12r-8.3mdv2007.0.i586.rpm
b60fa731a619023d9ee621193fb774f5
2007.0/i586/util-linux-2.12r-8.3mdv2007.0.i586.rpm
67d816f2242c4c3d20f98caaa49aeb67
2007.0/SRPMS/util-linux-2.12r-8.3mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
b3fc22fbec0cab2444bb266551ece54a
2007.0/x86_64/losetup-2.12r-8.3mdv2007.0.x86_64.rpm
2d1a2b67e27f03f1478b6d403101360f
2007.0/x86_64/mount-2.12r-8.3mdv2007.0.x86_64.rpm
b55391c2d42ae2be0ec64816b0a4709f
2007.0/x86_64/util-linux-2.12r-8.3mdv2007.0.x86_64.rpm
67d816f2242c4c3d20f98caaa49aeb67
2007.0/SRPMS/util-linux-2.12r-8.3mdv2007.0.src.rpm
ORIGINAL ADVISORY:
http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066700.html
OTHER REFERENCES:
SA27145:
http://secunia.com/advisories/27145/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------