Mandriva Update For Util-linux MDKSA-2007:053 (util-linux) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Umount allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensitive information, including core file contents. Updated packages have been patched to address this issue.

Affected

util-linux on Mandriva Linux 2006.0, Mandriva Linux 2006.0/X86_64, Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64

Severity

Classification

CVE CVE-2007-0822

CVSS	Base Score: 1.9 AV:L/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Mandriva Update for perl-URPM MDVA-2010:226 (perl-URPM)
Mandrake Security Advisory MDVSA-2009:256 (dbus)
Mandriva Update for gnome-screensaver MDVSA-2008:135 (gnome-screensaver)
Mandriva Update for openssl MDVSA-2011:136 (openssl)
Mandriva Update for ncpfs MDVSA-2010:061 (ncpfs)

Mandriva Update for util-linux MDKSA-2007:053 (util-linux)

Take action and discover your vulnerabilities