Mandrake Linux Security Advisory : gtk+ (MDKSA-2001:061-1)
High Nessus Plugin ID 13876
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA vulnerability exists with the GTK+ toolkit in that the GTK_MODULES environment variable allows a local user to enter a directory path to a module that does not necessarily need to be associated with GTK+.
With this, an attacker could create a custom module and load it using the toolkit which could result in elevated privileges, the overwriting of system files, and the execution of malicious code.
The packages for 7.2 and Single Network Firewall 7.2 were not signed with our GnuPG key. Please note the changed MD5 values of the below packages.
SolutionUpdate the affected packages.