Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN184-1 : util-linux vulnerability Vulnerability Scan


Vulnerability Scan Summary
util-linux vulnerability

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- bsdutils
- mount
- util-linux
- util-linux-locales


Description :

David Watson discovered that "umount -r" removed some restrictive
mount options like the "nosuid" flag. If /etc/fstab contains
user-mountable removable devices which specify the "nosuid" flag
(which is common practice for such devices), a local attacker could
exploit this to execute arbitrary programs with root rights by
calling "umount -r" on a removable device.

This does not affect the default Ubuntu configuration. Since Ubuntu
mounts removable devices automatically, there is normally no need to
configure them manually in /etc/fstab.

Solution :

Upgrade to :
- bsdutils-2.12p-2ubuntu2.2 (Ubuntu 5.04)
- mount-2.12p-2ubuntu2.2 (Ubuntu 5.04)
- util-linux-2.12p-2ubuntu2.2 (Ubuntu 5.04)
- util-linux-locales-2.12p-2ubuntu2.2 (Ubuntu 5.04)



Threat Level: High


Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.