Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes Autofs Privilege Escalation Vulnerability

Title : Fedora Security Update Fixes Autofs Privilege Escalation Vulnerability
VUPEN ID : VUPEN/ADV-2007-4297
CVE ID : CVE-2007-6285
Rated as : Low Risk 
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2007-12-24

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format  Receive VUPEN Security notifications by SMS 

A vulnerability has been identified in Fedora, which could be exploited by malicious users to gain elevated privileges. This issue is caused by an error in Autofs. For additional information, see : VUPEN/ADV-2007-4287

Affected Products

Fedora 7
Fedora 8

Solution

Upgrade the affected packages :

128a3cf695f9c6662f9e474f833af528208182b7 autofs-debuginfo-5.0.1-31.ppc64.rpm
fc3114f874372d841b08ccee8287f631253454a8 autofs-5.0.1-31.ppc64.rpm
fa139fe88f913d4baaeea0906362776714098254 autofs-5.0.1-31.i386.rpm
58433c1470b32faf39b9c8dd3419907b2f1bc164 autofs-debuginfo-5.0.1-31.i386.rpm
8e5583a88125b5cc1de040ec7a37b57a5f014ae3 autofs-debuginfo-5.0.1-31.x86_64.rpm
f4693139aadd71c37002548da618bc6096936bca autofs-5.0.1-31.x86_64.rpm
fd72d964299f2476244c46d7217016a4a477ae0c autofs-debuginfo-5.0.1-31.ppc.rpm
86f8116cd5906ead13d350e5455cbfb1a8eb46dd autofs-5.0.1-31.ppc.rpm
a47e9f37124f13bc7b720df5f6118a69e78ee329 autofs-5.0.1-31.src.rpm

b08e6a8236afd2250c8542612de29016f5d55efa autofs-debuginfo-5.0.2-24.ppc64.rpm
138d99ea5884b4128560dc1219d35045275bf34c autofs-5.0.2-24.ppc64.rpm
ef3527ea1b8230a764bddb76225eb2321ca60833 autofs-debuginfo-5.0.2-24.i386.rpm
297cb54d73055ad2bd2942997cde4d63dbe3a40a autofs-5.0.2-24.i386.rpm
ff889edb84ef0e04635ced4d3bb6068827c49f78 autofs-5.0.2-24.x86_64.rpm
a677c2dfac98532125583771ea565ba6f18f263d autofs-debuginfo-5.0.2-24.x86_64.rpm
359d08650474f1f97eba5421e06aff2a48e447f8 autofs-debuginfo-5.0.2-24.ppc.rpm
f684647d7866a64cf655a582d665d6cefe7506f0 autofs-5.0.2-24.ppc.rpm
32b82ceae98e35860ec74c84f6d5ffac2282f191 autofs-5.0.2-24.src.rpm

References

http://www.vupen.com/english/advisories/2007/4297
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00732.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00726.html

ChangeLog

2007-12-24 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7


  >> 2009-05-12

     

  Microsoft Patched 14
  Office PowerPoint Flaws

 

  >> 2009-04-28

     

  Adobe Reader / Acrobat
  Vulnerabilities Disclosed

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy