Mandriva Linux Security Advisory : ganglia (MDVSA-2013:080)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

Updated ganglia packages fix security vulnerability :

There is a security issue in Ganglia Web going back to at least 3.1.7
which can lead to arbitrary script being executed with web user
privileges possibly leading to a machine compromise.

Additionally, an issue where active NFS mounts caused gmond to not
start has also been corrected.

When installing ganglia-gmetad, the installer uses the non-existent
nobody, and not nogroup, as the group when changing new ownership of
files.

See also :

https://wiki.mageia.org/en/Support/Advisories/MGAA-2013-0008

Solution :

Update the affected packages.

Risk factor :

High

Family: Mandriva Local Security Checks

Nessus Plugin ID: 66094 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now