Mandriva Linux Security Advisory : mono (MDVSA-2009:269)
Medium Nessus Plugin ID 48155
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in mono :
The XML HMAC signature system did not correctly check certain lengths.
If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation (CVE-2009-0217).
This update fixes this vulnerability.
SolutionUpdate the affected packages.