Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:159: glibc Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the glibc package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:159 (glibc).
The Trustix developers discovered that the catchsegv and glibcbug utilities,
part of the glibc package, created temporary files in an insecure manner. This
could allow for a symlink attack to create or overwrite arbitrary files with
the rights of the user invoking the program.
The updated packages have been patched to correct this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:159
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.