Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:27760
HistoryMar 18, 2012 - 12:00 a.m.

[ MDVSA-2012:030 ] systemd

2012-03-1800:00:00
vulners.com
6
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2012:030
http://www.mandriva.com/security/

Package : systemd
Date : March 16, 2012
Affected: 2011.

Problem Description:

A vulnerability has been found and corrected in systemd:

A TOCTOU race condition was found in the way the systemd-logind
login manager of the systemd, a system and service manager for Linux,
performed removal of particular records related with user session upon
user logout. A local attacker could use this flaw to conduct symbolic
link attacks, potentially leading to removal of arbitrary system file
(CVE-2012-1174).

The updated packages have been patched to correct this issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1174

Updated Packages:

Mandriva Linux 2011:
babb58c1bfed5771648536306cfbee20 2011/i586/systemd-29-8.2-mdv2011.0.i586.rpm
7ea7f957bb91d211c1c390dd805c5666 2011/i586/systemd-gtk-29-8.2-mdv2011.0.i586.rpm
37a1216151f1888d985c0a784e3a71ca 2011/i586/systemd-sysvinit-29-8.2-mdv2011.0.i586.rpm
8b1e5251cc709a5c7dc499dc34abbeec 2011/i586/systemd-units-29-8.2-mdv2011.0.i586.rpm
8b4d1dfff9b62bfa97732ea8f28dced9 2011/SRPMS/systemd-29-8.2.src.rpm

Mandriva Linux 2011/X86_64:
189b87bc469f3e803729ddd1c496ea7d 2011/x86_64/systemd-29-8.2-mdv2011.0.x86_64.rpm
ec3f95ed6706b3d057afe7e62b590b0a 2011/x86_64/systemd-gtk-29-8.2-mdv2011.0.x86_64.rpm
98125c6515460472604ab76183ddf63f 2011/x86_64/systemd-sysvinit-29-8.2-mdv2011.0.x86_64.rpm
723aeadda814b44ae5abf98ab98a62b5 2011/x86_64/systemd-units-29-8.2-mdv2011.0.x86_64.rpm
8b4d1dfff9b62bfa97732ea8f28dced9 2011/SRPMS/systemd-29-8.2.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFPY2kwmqjQ0CJFipgRAvRRAJ9yCEw+fhFVTTAi2PnjzdstBCyT3QCgqeyU
mEYlhwfBY6gEQwh93fMRc/s=
=ZDaq
-----END PGP SIGNATURE-----

Related

nessus 5
prion 1
debiancve 1
openvas 8
fedora 5
cve 1
securityvulns 1
nessus
nessus
Mandriva Linux Security Advisory : systemd (MDVSA-2012:030)
2012-09-06 00:00:00
Fedora 15 : systemd-26-18.fc15 (2012-4024)
2012-03-26 00:00:00
openSUSE Security Update : systemd (openSUSE-SU-2012:0383-1)
2014-06-13 00:00:00
prion
prion
Session fixation
2012-07-12 20:55:00
debiancve
debiancve
CVE-2012-1174
2012-07-12 20:55:00
openvas
openvas
Mandriva Update for systemd MDVSA-2012:030 (systemd)
2012-08-03 00:00:00
Fedora Update for systemd FEDORA-2012-4024
2012-03-26 00:00:00
Mandriva Update for systemd MDVSA-2012:030 (systemd)
2012-08-03 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: systemd-26-18.fc15
2012-03-26 17:55:21
[SECURITY] Fedora 16 Update: systemd-37-17.fc16
2012-03-26 18:00:28
[SECURITY] Fedora 17 Update: systemd-44-6.fc17
2012-04-25 05:03:08
cve
cve
CVE-2012-1174
2012-07-12 20:55:00
securityvulns
securityvulns
Linux systemd race conditions
2012-03-18 00:00:00
JSON
Related for SECURITYVULNS:DOC:27760
nessus5prion1debiancve1openvas8fedora5cve1securityvulns1