Mandrake Linux Security Advisory : jmcce (MDKSA-2002:008)
Low Nessus Plugin ID 13916
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA problem exists in the jmcce program that is used for Chinese text on the console. jmcce is installed setuid root and places log files in /tmp; because jmcce does not perform suitable checking on the files it writes to and because it uses a predictable logfile name, an attacker could exploit this to arbitrarily overwrite any file on the system.
SolutionUpdate the affected jmcce package.