Mandrake Security Advisory MDVSA-2009:011 (virtualbox)

The remote host is missing an update to virtualbox announced via advisory MDVSA-2009:011.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
A vulnerability have been discovered and corrected in VirtualBox, affecting versions prior to 2.0.6, which allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-qateam-ipc/lock temporary file (CVE-2008-5256). The updated packages have been patched to prevent this. Affected: 2008.0, 2008.1, 2009.0