Mandriva Linux Security Advisory : audacity (MDVSA-2008:074)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.

Synopsis :

The remote Mandriva Linux host is missing a security update.

Description :

Audacity creates a temporary directory with a predictable name without
checking for previous existence of that directory, which allows local
users to cause a denial of service (recording deadlock) by creating
the directory before Audacity is run. This issue can also be leveraged
to delete arbitrary files or directories via a symlink attack.

The updated package fixes the issue.

Solution :

Update the affected audacity package.

Risk factor :

Medium / CVSS Base Score : 5.0

Family: Mandriva Local Security Checks

Nessus Plugin ID: 37588 (mandriva_MDVSA-2008-074.nasl)

Bugtraq ID:

CVE ID: CVE-2007-6061

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now