ID de Prueba:	1.3.6.1.4.1.25623.1.0.56490
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:038 (groff)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to groff announced via advisory MDKSA-2006:038. The Trustix Secure Linux team discovered a vulnerability in the groffer utility, part of the groff package. It created a temporary directory in an insecure way which allowed for the exploitation of a race condition to create or overwrite files the privileges of the user invoking groffer. Likewise, similar temporary file issues were fixed in the pic2graph and eqn2graph programs which now use mktemp to create temporary files, as discovered by Javier Fernandez-Sanguino Pena. The updated packages have been patched to correct this issue. Affected: 10.1, 10.2, 2006.0, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:038 Risk factor : Medium CVSS Score: 2.1
Referencia Cruzada:	BugTraq ID: 11287 Common Vulnerability Exposure (CVE) ID: CVE-2004-0969 http://www.securityfocus.com/bid/11287 http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:038 http://secunia.com/advisories/18764 http://www.trustix.org/errata/2004/0050 XForce ISS Database: script-temporary-file-overwrite(17583) https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.