TITLE: Mandriva update for cfengine SECUNIA ADVISORY ID: SA17182 VERIFY ADVISORY: http://secunia.com/advisories/17182/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Mandrakelinux 10.1 http://secunia.com/product/4198/ Mandrake Corporate Server 2.x http://secunia.com/product/1222/ DESCRIPTION: Mandriva has issued an update for cfengine. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. For more information: SA17037 SOLUTION: Apply updated packages. Mandrakelinux 10.1: acf648169c296d474886d1d98752a763 10.1/RPMS/cfengine-1.6.5-4.3.101mdk.i586.rpm 176cbf5b72aba7c6a2b40daf4ee09c94 10.1/SRPMS/cfengine-1.6.5-4.3.101mdk.src.rpm Mandrakelinux 10.1/X86_64: a9bed51735d6762fe3e1d66c8657f65a x86_64/10.1/RPMS/cfengine-1.6.5-4.3.101mdk.x86_64.rpm 176cbf5b72aba7c6a2b40daf4ee09c94 x86_64/10.1/SRPMS/cfengine-1.6.5-4.3.101mdk.src.rpm Corporate Server 2.1: 12057e0591bdb14e49b74d5c1c268196 corporate/2.1/RPMS/cfengine-1.6.3-8.3.C21mdk.i586.rpm 4026484a33d7d324da1dce56fd697842 corporate/2.1/SRPMS/cfengine-1.6.3-8.3.C21mdk.src.rpm Corporate Server 2.1/X86_64: 4dc4d9a367d056f053af80118cee8886 x86_64/corporate/2.1/RPMS/cfengine-1.6.3-8.3.C21mdk.x86_64.rpm 4026484a33d7d324da1dce56fd697842 x86_64/corporate/2.1/SRPMS/cfengine-1.6.3-8.3.C21mdk.src.rpm ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2005:184 OTHER REFERENCES: SA17037: http://secunia.com/advisories/17037/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------