Mandriva Linux Security Advisory : audacity (MDVSA-2008:074)
Medium Nessus Plugin ID 37588
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionAudacity creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. This issue can also be leveraged to delete arbitrary files or directories via a symlink attack.
The updated package fixes the issue.
SolutionUpdate the affected audacity package.