Mandrake Linux Security Advisory : pine (MDKSA-2001:047-1)

low Nessus Plugin ID 13866

Synopsis

The remote Mandrake Linux host is missing a security update.

Description

Versions of the Pine email client prior to 4.33 have various temporary file creation problems, as does the pico editor. These issues allow any user with local system access to cause any files owned by any other user, including root, to potentially be overwritten if the conditions were right.

Update :

The packages for 7.1 and Corporate Server did not properly update the menu entries. These updated packages update the menu entries.

Solution

Update the affected pine package.

See Also

http://www.cups.org/relnotes.html#01010700

Plugin Details

Severity: Low

ID: 13866

File Name: mandrake_MDKSA-2001-047.nasl

Version: 1.16

Type: local

Published: 7/31/2004

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Low

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:pine, cpe:/o:mandrakesoft:mandrake_linux:7.1, cpe:/o:mandrakesoft:mandrake_linux:7.2, cpe:/o:mandrakesoft:mandrake_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 5/7/2001

Reference Information

CVE: CVE-2001-0736

MDKSA: 2001:047, 2001:047-1