Test ID:	1.3.6.1.4.1.25623.1.0.55230
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2005:159 (kdeedu)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to kdeedu announced via advisory MDKSA-2005:159. Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. This vulnerability was initially discovered by Javier Fernández-Sanguino Peña. The script uses known filenames in /tmp which allow an local attacker to overwrite files writeable by the user (manually) invoking the conversion script. The updated packages have been patched to correct this problem. Affected versions: 10.1, 10.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:159 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2101 http://www.kde.org/info/security/advisory-20050815-1.txt Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	BugTraq ID: 14561 Common Vulnerability Exposure (CVE) ID: CVE-2005-2101 http://www.securityfocus.com/bid/14561 Debian Security Information: DSA-818 (Google Search) http://www.debian.org/security/2005/dsa-818 http://www.mandriva.com/security/advisories?name=MDKSA-2005:159 http://securitytracker.com/id?1014675 http://secunia.com/advisories/16428
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.