Mandrake Linux Security Advisory : inn (MDKSA-2000:023)
High Nessus Plugin ID 61821
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA vulnerability exists when verifycancels is enabled in /etc/news/inn.conf. This vulnerability could be used to gain root access on any system with inn installed. This new version also does not install inews as setgid news or rnews as setuid root. Many other security paranoia fixes have been made as well.
SolutionUpdate the affected inews, inn and / or inn-devel packages.