Mandrake Linux Security Advisory : mtools (MDKSA-2004:016)
Low Nessus Plugin ID 14116
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionSebastian Krahmer found that the mformat program, when installed suid root, can create any file with 0666 permissions as root, and that it also does not drop privileges when reading local configuration files.
The updated packages remove the suid bit from mformat.
SolutionUpdate the affected mtools package.