Mandrake Linux Security Advisory : xine-ui (MDKSA-2004:033)
Low Nessus Plugin ID 14132
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionShaun Colley discovered a temporary file vulnerability in the xine-check script packaged in xine-ui. This problem could allow local attackers to overwrite arbitrary files with the privileges of the user invoking the script.
The updated packages change the location of where temporary files are written to prevent this attack.
SolutionUpdate the affected xine-ui, xine-ui-aa and / or xine-ui-fb packages.