Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2003:031-1: usermode

Vulnerability Assessment Details

MDKSA-2003:031-1: usermode

Vulnerability Assessment Summary
Check for the version of the usermode package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory MDKSA-2003:031-1 (usermode).

The /usr/bin/shutdown command that comes with the usermode package can be
executed by local users to shutdown all running processes and drop into a root
shell. This command is not really needed to shutdown a system, so it has been
removed and all users are encouraged to upgrade. Please note that the user must
have local console access in order to obtain a root shell in this fashion.
The previous updated packages did not properly fix the problem. The pam files
that permit a (physically) local user to shutdown were not removed. This has been

Solution :
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

Acer Aspire 3 15.6" Laptop AMD A4-9120 8 GB DDR4 1 TB HDD Windows 10 USB 3.0
Acer Aspire 3 15.6HP Envy X360 Convertible Laptop 15.6" i7-7500u 2.7GHz 128GB + 1TB HD 15-aq166nr
HP Envy X360 Convertible Laptop 15.6hP notebook 15-ay145nr 7th Gen i7-7500U 3.5GHz 15.6" 8GB 1TB SSHD W10
hP notebook 15-ay145nr 7th Gen i7-7500U 3.5GHz 15.6Dell PowerEdge R730 2x E5-2620v3 2.4GHz 6 Core 128GB 8x 1TB 7.2K SATA H730 RAID
Dell PowerEdge R730 2x E5-2620v3 2.4GHz 6 Core 128GB 8x 1TB 7.2K SATA H730 RAID picture


No Discussions have been posted on this vulnerability.