Test ID:	1.3.6.1.4.1.25623.1.0.58993
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2007:0969
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2007:0969. The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. A flaw was discovered in the way that the mount and umount utilities used the setuid and setgid functions, which could lead to privileges being dropped improperly. A local user could use this flaw to run mount helper applications such as, mount.nfs, with additional privileges (CVE-2007-5191). Users are advised to update to these erratum packages which contain a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0969.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : High CVSS Score: 6.9
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5191 BugTraq ID: 25973 http://www.securityfocus.com/bid/25973 Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/485936/100/0/threaded Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/486859/100/0/threaded Debian Security Information: DSA-1449 (Google Search) http://www.debian.org/security/2008/dsa-1449 Debian Security Information: DSA-1450 (Google Search) http://www.debian.org/security/2008/dsa-1450 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html http://security.gentoo.org/glsa/glsa-200710-18.xml http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198 http://lists.vmware.com/pipermail/security-announce/2008/000002.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101 http://www.redhat.com/support/errata/RHSA-2007-0969.html http://www.securitytracker.com/id?1018782 http://secunia.com/advisories/27104 http://secunia.com/advisories/27122 http://secunia.com/advisories/27145 http://secunia.com/advisories/27188 http://secunia.com/advisories/27283 http://secunia.com/advisories/27354 http://secunia.com/advisories/27399 http://secunia.com/advisories/27687 http://secunia.com/advisories/28348 http://secunia.com/advisories/28349 http://secunia.com/advisories/28368 http://secunia.com/advisories/28469 SuSE Security Announcement: SUSE-SR:2007:022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://www.ubuntu.com/usn/usn-533-1 http://www.vupen.com/english/advisories/2007/3417 http://www.vupen.com/english/advisories/2008/0064
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.