Mandrake Linux Security Advisory : tripwire (MDKSA-2004:057-1)
High Nessus Plugin ID 14156
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionPaul Herman discovered a format string vulnerability in tripwire that could allow a local user to execute arbitrary code with the rights of the user running tripwire (typically root). This vulnerability only exists when tripwire is generating an email report.
The packages previously released for Mandrakelinux 9.2 would segfault when doing a check due to compilation problems. The updated packages correct the problem.
SolutionUpdate the affected tripwire package.