Mandriva Linux Security Advisory : ganglia (MDVSA-2013:080)
High Nessus Plugin ID 66094
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated ganglia packages fix security vulnerability :
There is a security issue in Ganglia Web going back to at least 3.1.7 which can lead to arbitrary script being executed with web user privileges possibly leading to a machine compromise.
Additionally, an issue where active NFS mounts caused gmond to not start has also been corrected.
When installing ganglia-gmetad, the installer uses the non-existent nobody, and not nogroup, as the group when changing new ownership of files.
SolutionUpdate the affected packages.