Mandrake Linux Security Advisory : ispell (MDKSA-2001:058)
Low Nessus Plugin ID 13874
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionThe ispell program uses mktemp() to open temporary files. This makes it vulnerable to symlink attacks. The program now has a patch from OpenBSD applied that uses mkstemp() instead, and switches gets() to fgets() for dealing with user input.
SolutionUpdate the affected ispell, ispell-de and / or ispell-en packages.