Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2007:046: gnucash Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the gnucash package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2007:046 (gnucash).
Gnucash 2.0.4 and earlier allows local users to overwrite arbitrary
files via a symlink attack on the (1) gnucash.trace, (2) qof.trace,
and (3) qof.trace.[PID] temporary files.
Updated package have been patched to correct this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2007:046
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.