Test ID:	1.3.6.1.4.1.25623.1.0.72055
Category:	Mandrake Local Security Checks
Title:	Mandriva Security Advisory MDVSA-2012:083 (util-linux)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to util-linux announced via advisory MDVSA-2012:083. Multiple vulnerabilities has been discovered and corrected in util-linux: mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089 (CVE-2011-1675). mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors (CVE-2011-1677). The updated packages have been patched to correct this issue. Affected: 2010.1, 2011., Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2012:083 Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1089 46740 http://www.securityfocus.com/bid/46740 MDVSA-2011:178 http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 MDVSA-2011:179 http://www.mandriva.com/security/advisories?name=MDVSA-2011:179 RHSA-2011:1526 http://www.redhat.com/support/errata/RHSA-2011-1526.html [oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/04/11 [oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/04/9 [oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/04/10 http://openwall.com/lists/oss-security/2011/03/04/12 [oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/05/3 http://openwall.com/lists/oss-security/2011/03/05/7 [oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/07/9 [oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/14/16 http://openwall.com/lists/oss-security/2011/03/14/5 http://openwall.com/lists/oss-security/2011/03/14/7 [oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/15/6 [oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/22/4 http://openwall.com/lists/oss-security/2011/03/22/6 [oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/03/31/3 http://openwall.com/lists/oss-security/2011/03/31/4 [oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE http://openwall.com/lists/oss-security/2011/04/01/2 http://sourceware.org/bugzilla/show_bug.cgi?id=12625 https://bugzilla.redhat.com/show_bug.cgi?id=688980 Common Vulnerability Exposure (CVE) ID: CVE-2011-1675 http://www.redhat.com/support/errata/RHSA-2011-1691.html http://secunia.com/advisories/48114 XForce ISS Database: utillinux-mtab-security-bypass(66705) https://exchange.xforce.ibmcloud.com/vulnerabilities/66705 Common Vulnerability Exposure (CVE) ID: CVE-2011-1677 XForce ISS Database: utillinux-mount-unspecified(66703) https://exchange.xforce.ibmcloud.com/vulnerabilities/66703
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.