Mandriva Linux Security Advisory : davfs2 (MDVSA-2013:244)
High Nessus Plugin ID 70242
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionA vulnerability has been discovered and corrected in davfs2 :
Davfs2, a filesystem client for WebDAV, calls the function system() insecurely while is setuid root. This might allow a privilege escalation (CVE-2013-4362).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected davfs2 package.