Mandrake Linux Security Advisory : netatalk (MDKSA-2004:121)
Low Nessus Plugin ID 15601
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionThe etc2ps.sh script, part of the netatalk package, creates files in /tmp with predicatable names which could allow a local attacker to use symbolic links to point to a valid file on the filesystem which could lead to the overwriting of arbitrary files if etc2ps.sh is executed by someone with enough privilege.
The updated packages are patched to prevent this problem.
SolutionUpdate the affected netatalk and / or netatalk-devel packages.