Mandriva Linux Security Advisory : util-linux-ng (MDVSA-2008:114)

High Nessus Plugin ID 36569


The remote Mandriva Linux host is missing a security update.


Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events.

The updated packages have been patched to fix the issue.


Update the affected util-linux-ng package.

Plugin Details

Severity: High

ID: 36569

File Name: mandriva_MDVSA-2008-114.nasl

Version: $Revision: 1.10 $

Type: local

Published: 2009/04/23

Modified: 2013/06/01

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:util-linux-ng, cpe:/o:mandriva:linux:2008.0, cpe:/o:mandriva:linux:2008.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2008/06/13

Reference Information

CVE: CVE-2008-1926

MDVSA: 2008:114

CWE: 94