MDVSA-2011:034 -- Mandriva bansheeID: oval:org.secpod.oval:def:300412 | Date: (C)2012-01-07 (M)2021-07-09 |
Class: PATCH | Family: unix |
A vulnerability has been found and corrected in banshee: The banshee-1 and muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory . Packages for 2009.0 are provided as of the Extended Maintenance Program
Platform: |
Mandriva Linux 2010.0 |
Mandriva Linux 2010.1 |
Mandriva Linux 2009.0 |