Mandrake Linux Security Advisory : mtools (MDKSA-2004:016)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing a security update.

Description :

Sebastian Krahmer found that the mformat program, when installed suid
root, can create any file with 0666 permissions as root, and that it
also does not drop privileges when reading local configuration files.

The updated packages remove the suid bit from mformat.

Solution :

Update the affected mtools package.

Risk factor :

Low / CVSS Base Score : 3.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:N)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 14116 (mandrake_MDKSA-2004-016.nasl)

Bugtraq ID:

CVE ID: CVE-2004-2303

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now