Debian Security Advisory DSA 823-1 (util-linux) Network Vulnerability

Summary

The remote host is missing an update to util-linux announced via advisory DSA 823-1. David Watson discoverd a bug in mount as provided by util-linux and other packages such as loop-aes-utils that allows local users to bypass filesystem access restrictions by re-mounting it read-only. For the old stable distribution (woody) this problem has been fixed in version 2.11n-7woody1.

Solution

For the stable distribution (sarge) this problem has been fixed in version 2.12p-4sarge1. For the unstable distribution (sid) this problem has been fixed in version 2.12p-8. We recommend that you upgrade your loop-aes-utils package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20823-1

Severity

Classification

CVE CVE-2005-2876

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 033-1 (analog)
Debian Security Advisory DSA 016-1 (wu-ftpd)
Debian Security Advisory DSA 1039-1 (blender)
Debian Security Advisory DSA 018-1 (tinyproxy)
Debian Security Advisory DSA 061-1 (gnupg)

Take action and discover your vulnerabilities