Mandrake Linux Security Advisory : netatalk (MDKSA-2004:121)

Low Nessus Plugin ID 15601


The remote Mandrake Linux host is missing one or more security updates.


The script, part of the netatalk package, creates files in /tmp with predicatable names which could allow a local attacker to use symbolic links to point to a valid file on the filesystem which could lead to the overwriting of arbitrary files if is executed by someone with enough privilege.

The updated packages are patched to prevent this problem.


Update the affected netatalk and / or netatalk-devel packages.

Plugin Details

Severity: Low

ID: 15601

File Name: mandrake_MDKSA-2004-121.nasl

Version: $Revision: 1.15 $

Type: local

Published: 2004/11/02

Modified: 2013/05/31

Dependencies: 12634

Risk Information

Risk Factor: Low


Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:netatalk, p-cpe:/a:mandriva:linux:netatalk-devel, cpe:/o:mandrakesoft:mandrake_linux:10.0, cpe:/o:mandrakesoft:mandrake_linux:10.1, cpe:/o:mandrakesoft:mandrake_linux:9.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2004/11/01

Reference Information

CVE: CVE-2004-0974

MDKSA: 2004:121