Mandriva Linux Security Update Advisory - A severe security issue has been discovered in Smb4K. By linking a simple text file FILE to /tmp/smb4k.tmp or /tmp/sudoers, an attacker could get access to the full contents of the /etc/super.tab or /etc/sudoers file, respectively, because Smb4K didn't check for the existance of these files before writing any contents. When using super, the attack also resulted in /etc/super.tab being a symlink to FILE. Affected are all versions of the 0.4, 0.5, and 0.6 series of Smb4K.
2e7d946d88525e9117a39502618c5c8066182d1bb26b4e22744dea059b24fb60