Test ID:	1.3.6.1.4.1.25623.1.0.840002
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-533-1)
Summary:	The remote host is missing an update for the 'util-linux' package(s) announced via the USN-533-1 advisory.
Description:	Summary: The remote host is missing an update for the 'util-linux' package(s) announced via the USN-533-1 advisory. Vulnerability Insight: Ludwig Nussel discovered that mount and umount did not properly drop privileges when using helper programs. Local attackers may be able to bypass security restrictions and gain root privileges using programs such as mount.nfs or mount.cifs. Affected Software/OS: 'util-linux' package(s) on Ubuntu 6.06, Ubuntu 6.10, Ubuntu 7.04. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5191 BugTraq ID: 25973 http://www.securityfocus.com/bid/25973 Bugtraq: 20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/485936/100/0/threaded Bugtraq: 20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages (Google Search) http://www.securityfocus.com/archive/1/486859/100/0/threaded Debian Security Information: DSA-1449 (Google Search) http://www.debian.org/security/2008/dsa-1449 Debian Security Information: DSA-1450 (Google Search) http://www.debian.org/security/2008/dsa-1450 https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html http://security.gentoo.org/glsa/glsa-200710-18.xml http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198 http://lists.vmware.com/pipermail/security-announce/2008/000002.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101 http://www.redhat.com/support/errata/RHSA-2007-0969.html http://www.securitytracker.com/id?1018782 http://secunia.com/advisories/27104 http://secunia.com/advisories/27122 http://secunia.com/advisories/27145 http://secunia.com/advisories/27188 http://secunia.com/advisories/27283 http://secunia.com/advisories/27354 http://secunia.com/advisories/27399 http://secunia.com/advisories/27687 http://secunia.com/advisories/28348 http://secunia.com/advisories/28349 http://secunia.com/advisories/28368 http://secunia.com/advisories/28469 SuSE Security Announcement: SUSE-SR:2007:022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://www.ubuntu.com/usn/usn-533-1 http://www.vupen.com/english/advisories/2007/3417 http://www.vupen.com/english/advisories/2008/0064
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.