Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Red Hat: RHSA-2007:1128-01 Important: Autofs Privilege Escalation

red hat
Calendar Grey December 12, 2007
Dist Redhat Esm H88
Revised httpd modules resolve critical vulnerabilities in CentOS 7, enhancing protection against potential exploits.
Updated autofs packages are now available to fix a security flaw for Red Hat Enterprise Linux 5

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

410031 - CVE-2007-5964 autofs defaults don't restrict suid in /net

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS: 2a25ed0ef9c01abe09f19f8a89452fcd autofs-5.0.1-0.rc2.55.el5.1.src.rpm

i386: 29d9a96e22d453a52c3cb6b2663bd984 autofs-5.0.1-0.rc2.55.el5.1.i386.rpm 92dcccbc5132698374cea61159366f23 autofs-debuginfo-5.0.1-0.rc2.55.el5.1.i386.rpm

x86_64: 234de8994b5e122cff78e9655e19d510 autofs-5.0.1-0.rc2.55.el5.1.x86_64.rpm 570bd949d8da5b104fdb4a8de2eccbaf autofs-debuginfo-5.0.1-0.rc2.55.el5.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS: 2a25ed0ef9c01abe09f19f8a89452fcd autofs-5.0.1-0.rc2.55.el5.1.src.rpm

i386: 29d9a96e22d453a52c3cb6b2663bd984 autofs-5.0.1-0.rc2.55.el5.1.i386.rpm 92dcccbc5132698374cea61159366f23 autofs-debuginfo-5.0.1-0.rc2.55.el5.1.i386.rpm

ia64: 8abb97c8cd6ad16e67780c6d4251ded3 autofs-5.0.1-0.rc2.55.el5.1.ia64.rpm 86fda06872725a92ea8f3ffb552c7307 autofs-debuginfo-5.0.1-0.rc2.55.el5.1.ia64.rpm

ppc: 780aa280f5927f34506acd60353bf0fc autofs-5.0.1-0.rc2.55.el5.1.ppc.rpm 36925b686e89552da9cf3ca66fceba20 autofs-debuginfo-5.0.1-0.rc2.55.el5.1.ppc.rpm

s390x: 37a973950e8683cbaf4b47caa2458ffb autofs-5.0.1-0.rc2.55.el5.1.s390x.rpm 4a8545d5d0f8c8bf1ae2a955ca5def5b autofs-debuginfo-5.0.1-0.rc2.55.el5.1.s390x.rpm

x86_64: 234de8994b5e122cff78e9655e19d510 autofs-5.0.1-0.rc2.55.el5.1.x86_64.rpm 570bd949d8da5b104fdb4a8de2eccbaf autofs-debuginfo-5.0.1-0.rc2.55.el5.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2007-5964 https://access.redhat.com/security/updates/classification#important

Package List


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2007:1128-01
Issue date: 2007-12-12
Updated on: 2007-12-12
Product: Red Hat Enterprise Linux

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here