MDVSA-2010:081 -- Mandriva apache-mod_auth_shadowID: oval:org.secpod.oval:def:300200 | Date: (C)2012-01-07 (M)2021-09-30 |
Class: PATCH | Family: unix |
A vulnerability has been found and corrected in apache-mod_auth_shadow: A race condition was found in the way mod_auth_shadow used an external helper binary to validate user credentials . A remote attacker could use this flaw to bypass intended access restrictions, resulting in ability to view and potentially alter resources, which should be otherwise protected by authentication . Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
Platform: |
Mandriva Linux 2010.0 |
Mandriva Linux 2009.1 |
Mandriva Linux 2008.0 |
Product: |
apache-mod_auth_shadow |