|
Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2001:061-1: gtk+ Vulnerability Scan
Vulnerability Scan Summary Check for the version of the gtk+ package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2001:061-1 (gtk+).
A vulnerability exists with the GTK+ toolkit in that the GTK_MODULES environment
variable allows a local user to enter a directory path to a module that does not
necessarily need to be associated with GTK+. With this, a possible hacker could create
a custom module and load it using the toolkit which could result in elevated
rights, the overwriting of system files, and the execution of malicious
code.
Update:
The packages for 7.2 and Single Network Firewall 7.2 were not signed with our
GnuPG key. Please note the changed MD5 values of the below packages.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2001:061-1
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|