First published: Thu Nov 15 2007(Updated: )
The util-linux package contains a large variety of low-level system<br>utilities that are necessary for a Linux system to function. <br>A flaw was discovered in the way that the mount and umount utilities<br>used the setuid and setgid functions, which could lead to privileges being<br>dropped improperly. A local user could use this flaw to run mount helper<br>applications such as, mount.nfs, with additional privileges (CVE-2007-5191).<br>Users are advised to update to these erratum packages which contain a<br>backported patch to correct this issue.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/util-linux | <2.13-0.45.el5_1.1 | 2.13-0.45.el5_1.1 |
redhat/util-linux | <2.13-0.45.el5_1.1 | 2.13-0.45.el5_1.1 |
redhat/util-linux | <2.12a-17.el4_6.1 | 2.12a-17.el4_6.1 |
redhat/util-linux | <2.12a-17.el4_6.1 | 2.12a-17.el4_6.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.