Mandrake Linux Security Advisory : gnorpm (MDKSA-2000:055)
High Nessus Plugin ID 61845
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionVersions of GnoRPM prior to 0.95 used files in the /tmp directory in an insecure manner. If GnoRPM is run as root, a local user can exploit this behaviour to trick GnoRPM into writing to arbitrary files anywhere on the system.
SolutionUpdate the affected gnorpm package.