Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2001:087: expect Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the expect package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2001:087 (expect).
A packaging problem that can lead to a root compromise existed in the expect
package as provided in Mandrake Linux 8.1. expect would look for libraries in
the directory /home/snailtalk/tmp/tcltk-root/usr/lib before any other and if
such a user existed on the system, with rogue libraries, if root were to execute
expect, a compromise could occur.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2001:087
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.