Mandriva Update For Policykit MDVSA-2008:087 (policykit) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A format string vulnerability in the grant helper, in PolicyKit 0.7 and earlier, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password. The updated package has been patched to correct this issue.

Affected

policykit on Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Severity

Classification

CVE CVE-2008-1658

CVSS	Base Score: 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:201 (fetchmail)
Mandrake Security Advisory MDVSA-2009:048 (epiphany)
Mandrake Security Advisory MDVSA-2009:048-2 (epiphany)
Mandrake Security Advisory MDVSA-2009:122 (squirrelmail)
Mandrake Security Advisory MDVSA-2009:211 (expat)

Mandriva Update for policykit MDVSA-2008:087 (policykit)

Take action and discover your vulnerabilities