aru Posted April 19, 2004 Report Share Posted April 19, 2004 MandrakeSoft Security Advisory MDKSA-2004:033 : xine-ui April 19th, 2004 Updated xine-ui packages fix temporary file insecurities Shaun Colley discovered a temporary file vulnerability in the xine-check script packaged in xine-ui. This problem could allow local attackers to overwrite arbitrary files with the privileges of the user invoking the script. The updated packages change the location of where temporary files are written to prevent this attack. The released versions of Mandrake GNU/Linux affected are: 9.2 9.2/AMD64 10.0 Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:033 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2004-0372 Posted automatically by aru (mdksec2mub v0.0.8) Link to comment Share on other sites More sharing options...
Recommended Posts