Mandrake Linux Security Advisory : perl (MDKSA-2005:079)
Low Nessus Plugin ID 18172
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionPaul Szabo discovered another vulnerability in the rmtree() function in File::Path.pm. While a process running as root (or another user) was busy deleting a directory tree, a different user could exploit a race condition to create setuid binaries in this directory tree, provided that he already had write permissions in any subdirectory of that tree.
The provided packages have been patched to resolve this problem.
SolutionUpdate the affected packages.