Slackware Advisory SSA:2005-255-02 Util-linux Umount Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2005-255-01.

Solution

http://www.securityfocus.com/archive/1/410333 https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-255-01

Insight

New util-linux packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue with umount. A bug in the '-r' option could allow flags in /etc/fstab to be improperly dropped on user-mountable volumes, allowing a user to gain root privileges.

Severity

Classification

CVE CVE-2005-2876
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Slackware Advisory SSA:2004-136-01 mc
Slackware Advisory SSA:2005-251-04 php5 in Slackware 10.1
Slackware Advisory SSA:2004-014-02 INN security update
Slackware Advisory SSA:2006-259-01 x11
Slackware Advisory SSA:2004-305-02 libtiff

Slackware Advisory SSA:2005-255-02 util-linux umount

Take action and discover your vulnerabilities