Mandriva Linux Security Advisory : perl-Proc-ProcessTable (MDVSA-2013:216)

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing a security update.

Description :

Updated perl-Proc-ProcessTable package fixes security vulnerability :

ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when
TTY information caching is enabled, allows local users to overwrite
arbitrary files via a symlink attack on /tmp/TTYDEVS (CVE-2011-4363).

See also :

http://advisories.mageia.org/MGASA-2013-0254.html

Solution :

Update the affected perl-Proc-ProcessTable package.

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:P)
CVSS Temporal Score : 2.3
(CVSS2#E:ND/RL:OF/RC:ND)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 69465 ()

Bugtraq ID: 50868

CVE ID: CVE-2011-4363

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now