Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2005:046: uim Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the uim package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2005:046 (uim).

Takumi ASAKI discovered that uim always trusts environment variables which can
allow a local attacker to obtain elevated rights when libuim is linked
against an suid/sgid application. This problem is only exploitable in 'immodule
for Qt' enabled Qt applications.

The updated packages are patched to fix the problem.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.