Mandrake Linux Security Advisory : kernel (MDKSA-2000:012)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

POSIX 'Capabilities' have recently been implemented in the Linux
kernel. These 'Capabilities' are an additional form of privilege
control to enable more specific control over what privileged processes
can do. Capabilities are implemented as three (fairly large)
bitfields, which each bit representing a specific action a privileged
process can perform. By setting specific bits, the actions of
priviliged processes can be controlled -- access can be granted for
various functions only to the specific parts of a program that require
them. It is a security measure.

Important: If you use ReiserFS, please don't forget to do as following
after the upgrade :

- If you used MandrakeUpdate or rpm -Uvh to upgrade,
reinstall kernel 2.2.15 from native Mandrake 7.1

- Type: cd /lib/modules/2.2.15-4mdk

- Type: /sbin/depmod -a

- Type: mkinitrd -f --ifneeded /boot/initrd-2.2.16-9mdk
2.2.16-9mdk

- You can now remove the older 2.2.15. Type: rpm -e
kernel-2.2.15

- Type: ln -sf /boot/initrd-2.2.16-9mdk /boot/initrd.img

- Type: ln -sf /boot/System.map-2.2.16-9mdk
/boot/System.map

- Type: ln -sf /boot/vmlinuz-2.2.16-9mdk /boot/vmlinuz

- In /etc/lilo.conf add: initrd=/boot/initrd-2.2.16-9mdk

- Type: lilo -v

Solution :

Update the affected packages.

Risk factor :

High

Family: Mandriva Local Security Checks

Nessus Plugin ID: 61810 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now