Mandriva issues security fix

Keywords: Match:

May 25, 2006

Mandriva Linux issued a security advisory for its latest edition, version 2006.0, May 24, warning that a potential problem was found in the kernel's useradd tool. Useradd is used to add a mailbox for a new user.

According to Mandriva's advisory, when the tool is used, a missing argument to the open() call results in the first permissions of the file being some random garbage found on the stack, which then could possibly be held open for reading or writing before the proper fchmod() call is executed.

Affected versions are CS3.0, MNF2.0, and 10.2, Mandriva said in the advisory.

Packages have been patched to correct this issue, Mandriva said. Mandiva subscribers can use MandrakeUpdate to upgrade the kernel automatically, the France-based company added.

Users who may be running netfilter on important servers are encouraged to upgrade to these updated kernels immediately, Mandriva said.

To update your kernel, please follow the directions located here.

Related Stories:

(Click here for further information)

Home \| News \| Articles \| Forum \| Polls \| About \| Contact

	Ziff Davis Enterprise Home \| Contact Us \| Advertise \| Link to Us \| Reprints \| Magazine Subscriptions \| Newsletters Tech RSS Feeds \| ROI Calculators \| Tech Podcasts \| Tech Video \| VARs \| Channel News
	Baseline \| Careers \| Channel Insider \| CIO Insight \| DesktopLinux \| DeviceForge \| DevSource \| eSeminars \| eWEEK \| Enterprise Network Security \| LinuxDevices \| Linux Watch \| Microsoft Watch \| Mid-market \| Networking \| PDF Zone \| Publish \| Security IT Hub \| Strategic Partner \| Web Buyer's Guide \| Windows for Devices
	Developer Shed \| Dev Shed \| ASP Free \| Dev Articles \| Dev Hardware \| SEO Chat \| Tutorialized \| Scripts \| Code Walkers \| Web Hosters \| Dev Mechanic \| Dev Archives \| igrep
Use of this site is governed by our Terms of Service and Privacy Policy. Except where otherwise specified, the contents of this site are copyright © 1999-2011 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise is prohibited. Linux is a registered trademark of Linus Torvalds. All other marks are the property of their respective owners.

Home \| News \| Articles \| Forum \| Polls \| About \| Contact

	Ziff Davis Enterprise Home \| Contact Us \| Advertise \| Link to Us \| Reprints \| Magazine Subscriptions \| Newsletters Tech RSS Feeds \| ROI Calculators \| Tech Podcasts \| Tech Video \| VARs \| Channel News
	Baseline \| Careers \| Channel Insider \| CIO Insight \| DesktopLinux \| DeviceForge \| DevSource \| eSeminars \| eWEEK \| Enterprise Network Security \| LinuxDevices \| Linux Watch \| Microsoft Watch \| Mid-market \| Networking \| PDF Zone \| Publish \| Security IT Hub \| Strategic Partner \| Web Buyer's Guide \| Windows for Devices
	Developer Shed \| Dev Shed \| ASP Free \| Dev Articles \| Dev Hardware \| SEO Chat \| Tutorialized \| Scripts \| Code Walkers \| Web Hosters \| Dev Mechanic \| Dev Archives \| igrep
Use of this site is governed by our Terms of Service and Privacy Policy. Except where otherwise specified, the contents of this site are copyright © 1999-2011 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise is prohibited. Linux is a registered trademark of Linus Torvalds. All other marks are the property of their respective owners.