This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing a security update.
A severe security issue has been discovered in Smb4K. By linking a
simple text file FILE to /tmp/smb4k.tmp or /tmp/sudoers, an attacker
could get access to the full contents of the /etc/super.tab or
/etc/sudoers file, respectively, because Smb4K didn't check for the
existance of these files before writing any contents. When using
super, the attack also resulted in /etc/super.tab being a symlink to
Affected are all versions of the 0.4, 0.5, and 0.6 series of Smb4K.
The updated packages have been patched to correct this problem.
See also :
Update the affected smb4k package.
Risk factor :
Low / CVSS Base Score : 2.1