openSUSE 10 Security Update : util-linux (util-linux-4552)

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Insufficient length checks when reading the passphrase for encrypted
paritions in the mount program could cause a buffer overflow that
could potentially be exploited to gain root privileges.

When executing helper program 'mount' didn't check the return value of
setuid(). Therefore helper program could potenially run as root
(CVE-2007-5191).

Solution :

Update the affected util-linux package.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 27514 ()

Bugtraq ID:

CVE ID: CVE-2007-5191

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now