Vulnerability Assessment & Network Security Forums
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.
Vulnerability Assessment Details
Check for the version of the drakxtools package
Detailed Explanation for this Vulnerability Assessment
The remote host is missing the patch for the advisory MDKA-2006:056 (drakxtools).
Several bugs were fixed in drakxtools:
- it was not possible to start rpmdrake from the menu (#26383) - it was
not possible to set up updates media and then distro media (or the
reverse) in edit-urpm-sources - drakauth: o add encrypted home and
pam_mount support o hide password when calling 'net join' or 'net ads
join' (pixel) - drakbackup: o fix archiver detection/config file
replace (stew, #26705, #27180) o do not backup the backups (Adamw) -
drakboot: support Xen with lilo using mbootpack - drakfirewall: really
disable services (#27295) - drakvpn: o add pkcs11 token support for
openvpn o ask password/PIN if needed - drakconnect/drakroam: o detect
wireless interfaces with unknown driver, e.g. rt61 o do not check for
ipw3945 kernel module packages o do not wrongly tell that
acx100-firmware can be found in Club or commercial editions (#26475) o
use iwpriv commands to configure WPA on rt2570 and rt61 chipsets o
update madwifi URL which was old - finish-install: add encrypted home
and pam_mount support - printerdrake: due to changes in the format of
HPLIP's device description XML files, scanner functionality was not
recognized any more (#26567).
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKA-2006:056
Network Security Threat Level: High
Networks Security ID:
Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security
No Discussions have been posted on this vulnerability.