Detections
Analytics
Mandrake Linux Security Advisory : inn (MDKSA-2000:023)
high Nessus Plugin ID 61821
Language:
Synopsis
The remote Mandrake Linux host is missing one or more security updates.Description
A vulnerability exists when verifycancels is enabled in /etc/news/inn.conf. This vulnerability could be used to gain root access on any system with inn installed. This new version also does not install inews as setgid news or rnews as setuid root. Many other security paranoia fixes have been made as well.Solution
Update the affected inews, inn and / or inn-devel packages.Plugin Details
Severity: High
ID: 61821
File Name: mandrake_MDKSA-2000-023.nasl
Version: 1.6
Type: local
Family: Mandriva Local Security Checks
Published: 9/6/2012
Updated: 1/6/2021
Supported Sensors: Nessus
Vulnerability Information
CPE: p-cpe:/a:mandriva:linux:inews, p-cpe:/a:mandriva:linux:inn, p-cpe:/a:mandriva:linux:inn-devel, cpe:/o:mandrakesoft:mandrake_linux:6.0, cpe:/o:mandrakesoft:mandrake_linux:6.1, cpe:/o:mandrakesoft:mandrake_linux:7.0, cpe:/o:mandrakesoft:mandrake_linux:7.1
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list
Patch Publication Date: 7/22/2000
Reference Information
MDKSA: 2000:023