---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,700 different Windows applications. Request your account, the Secunia Network Software Inspector (NSI): http://secunia.com/network_software_inspector/ ---------------------------------------------------------------------- TITLE: Mandriva update for util-linux SECUNIA ADVISORY ID: SA27122 VERIFY ADVISORY: http://secunia.com/advisories/27122/ CRITICAL: Not critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Mandriva Linux 2007 http://secunia.com/product/12165/ DESCRIPTION: Mandriva has issued an update for util-linux. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA27145 SOLUTION: Apply updated packages. Mandriva Linux 2007.0: 64440de5b0e17ede0ff6d5647ed2ff59 2007.0/i586/losetup-2.12r-8.3mdv2007.0.i586.rpm 15992ebb5aad91809aa77fd95d18ca0d 2007.0/i586/mount-2.12r-8.3mdv2007.0.i586.rpm b60fa731a619023d9ee621193fb774f5 2007.0/i586/util-linux-2.12r-8.3mdv2007.0.i586.rpm 67d816f2242c4c3d20f98caaa49aeb67 2007.0/SRPMS/util-linux-2.12r-8.3mdv2007.0.src.rpm Mandriva Linux 2007.0/X86_64: b3fc22fbec0cab2444bb266551ece54a 2007.0/x86_64/losetup-2.12r-8.3mdv2007.0.x86_64.rpm 2d1a2b67e27f03f1478b6d403101360f 2007.0/x86_64/mount-2.12r-8.3mdv2007.0.x86_64.rpm b55391c2d42ae2be0ec64816b0a4709f 2007.0/x86_64/util-linux-2.12r-8.3mdv2007.0.x86_64.rpm 67d816f2242c4c3d20f98caaa49aeb67 2007.0/SRPMS/util-linux-2.12r-8.3mdv2007.0.src.rpm ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066700.html OTHER REFERENCES: SA27145: http://secunia.com/advisories/27145/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------