Bug#506272: CVE-2008-5145: allows local users to overwrite arbitrary files via a symlink attack

To: submit@bugs.debian.org
Subject: Bug#506272: CVE-2008-5145: allows local users to overwrite arbitrary files via a symlink attack
From: Raphael Geissert <atomo64@gmail.com>
Date: Wed, 19 Nov 2008 20:07:43 -0600
Message-id: <[🔎] 200811192007.44048.atomo64@gmail.com>
Reply-to: Raphael Geissert <atomo64@gmail.com>, 506272@bugs.debian.org

Package: ltp-network-test
Version: 20060918-2
Severity: important
Tags: security

Hi,

The following CVE (Common Vulnerabilities & Exposures) id was published for 
ltp-network-test.

CVE-2008-5145[1]:
> ltpmenu in ltp 20060918 allows local users to overwrite arbitrary files via
> a symlink attack on a /tmp/runltp.mainmenu.##### temporary file.

If you fix the vulnerability please also make sure to include the CVE id in 
the changelog entry.

[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5145
     http://security-tracker.debian.net/tracker/CVE-2008-5145

Cheers,
-- 
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

Prev by Date: Bug#473905: marked as done (tramp: Please rename package to emacs21-tramp)
Next by Date: Bug#496411: #496411: nothing was fixed at all
Previous by thread: Bug#473905: marked as done (tramp: Please rename package to emacs21-tramp)
Next by thread: Bug#496411: #496411: nothing was fixed at all
Index(es):
- Date
- Thread