Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:033: xine-ui Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the xine-ui package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:033 (xine-ui).
Shaun Colley discovered a temporary file vulnerability in the xine-check script
packaged in xine-ui. This problem could allow local attackers to overwrite
arbitrary files with the rights of the user invoking the script.
The updated packages change the location of where temporary files are written to
prevent this attack.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:033
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.