Mandrake Linux Security Advisory : util-linux (MDKSA-2007:111)
Medium Nessus Plugin ID 25429
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
Descriptionlogin in util-linux-2.12a (and later versions) skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok.
Updated packages have been patched to address this issue.
SolutionUpdate the affected losetup, mount and / or util-linux packages.