Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2005:032-1: cpio Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the cpio package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2005:032-1 (cpio).

A vulnerability in cpio was discovered where cpio would create world- writeable
files when used in -o/--create mode and giving an output file (with -O). This
would allow any user to modify the created cpio archive. The updated packages
have been patched so that cpio now respects the current umask setting of the


The updated cpio packages for 10.1, while they would install with urpmi on the
commandline, would not install via rpmdrake. The updated packages correct that.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.