Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:080: shorewall Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the shorewall package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:080 (shorewall).
The shorewall package has a vulnerability when creating temporary files and
directories, which could allow non-root users to overwrite arbitrary files on
the system. The updated packages are patched to fix the problem.
As well, for Mandrakelinux 10.0, the updated packages have been fixed to start
shorewall after the network, rather than before.
After updating the package, if shorewall was previously running, you may need to
issue a 'service shorewall restart'.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:080
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.