Mandriva Update For Wml MDVSA-2008:076 (wml) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Two vulnerabilities were found in the Website META Language (WML) package that allowed local users to overwrite arbitrary files via symlink attacks. The updated packages have been patched to correct these issues.

Affected

wml on Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64

Severity

Classification

CVE CVE-2008-0665, CVE-2008-0666
CVSS Base Score: 3.6
AV:L/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Mandriva Security Advisory MDVSA-2009:313-1 (bind)
Mandriva Update for postfix MDVSA-2008:190 (postfix)
Mandriva Update for libgtop2 MDKSA-2007:023 (libgtop2)
Mandriva Update for amarok MDVSA-2008:172 (amarok)
Mandriva Update for spamassassin MDKSA-2007:125 (spamassassin)

Mandriva Update for wml MDVSA-2008:076 (wml)

Take action and discover your vulnerabilities