Mandriva Linux Security Advisory : coreutils (MDVSA-2010:024)
Medium Nessus Plugin ID 44123
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability were discovered and corrected in coreutils :
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp (CVE-2009-4135).
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
The updated packages have been patched to correct this issue.
SolutionUpdate the affected coreutils and / or coreutils-doc packages.