Mandrake Linux Security Advisory : rpm (MDKSA-2006:200)
Medium Nessus Plugin ID 24585
Synopsis: The remote Mandrake Linux host is missing one or more security updates.
Description: A heap-based buffer overflow was discovered in librpm when the LANG or LC_ALL environment variable is set to ru_RU.UTF-8 (and possibly other locales), which could allow user-assisted attackers to execute arbitrary code via crafted RPM packages.
Updated packages have been patched to correct this issue.
Solution: Update the affected packages.