Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:159: kdeedu Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the kdeedu package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:159 (kdeedu).
Ben Burton notified the KDE security team about several tempfile handling
related vulnerabilities in langen2kvtml, a conversion script for kvoctrain.
This vulnerability was initially discovered by Javier Fernández-Sanguino Peña.
The script uses known filenames in /tmp which allow an local attacker to
overwrite files writeable by the user (manually) invoking the conversion
The updated packages have been patched to correct this problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:159
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.