Mandrake Linux Security Advisory : vim (MDKSA-2005:029)
Medium Nessus Plugin ID 16302
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionJavier Fernandez-Sanguino Pena discovered two vulnerabilities in scripts included with the vim editor. The two scripts, 'tcltags' and 'vimspell.sh' created temporary files in an insecure manner which could allow a malicious user to execute a symbolic link attack or to create, or overwrite, arbitrary files with the privileges of the user invoking the scripts.
The updated packages are patched to prevent this problem.
SolutionUpdate the affected packages.