|
Family: Ubuntu Local Security Checks --> Category: infos
USN15-1 : lvm10 vulnerability Vulnerability Scan
Vulnerability Scan Summary lvm10 vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote package "lvm10" is missing a security patch.
Description :
Recently, Trustix Secure Linux discovered a vulnerability in a
supplemental script of the lvm10 package. The program
"lvmcreate_initrd" created a temporary directory in an insecure way,
which could allow a symlink attack to create or overwrite arbitrary
files with the rights of the user invoking the program.
Solution :
Upgrade to :
- lvm10-1.0.8-4ubuntu1.1 (Ubuntu 4.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|