This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
Updated Internet Message packages are available that fix the insecure
handling of temporary files.
[Updated 9 April 2003] Added packages for Red Hat Linux Advanced
Workstation, Red Hat Enterprise Linux ES, and Red Hat Enterprise Linux
Internet Message (IM) consists of a set of user interface commands and
backend Perl5 libraries to integrate email and the NetNews user
interface. These commands are designed to be used from both the Mew
mail reader for Emacs and the command line.
A vulnerability has been discovered by Tatsuya Kinoshita in the way
two IM utilities create temporary files. By anticipating the names
used to create files and directories stored in the /tmp directory, it
may be possible for a local attacker to corrupt or modify data as
Users of IM are advised to install these packages which contain a
backported patch to correct these issues.
See also :
Update the affected im package.
Risk factor :
Low / CVSS Base Score : 2.1
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12359 ()
CVE ID: CVE-2002-1395
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.