Re: [SECURITY] [DSA 827-1] New backupninja packages fix insecure temporary file

To: debian-security@lists.debian.org
Cc: joey@infodrom.org, coley@mitre.org
Subject: Re: [SECURITY] [DSA 827-1] New backupninja packages fix insecure temporary file
From: "Steven M. Christey" <coley@linus.mitre.org>
Date: Fri, 30 Sep 2005 00:23:10 -0400 (EDT)
Message-id: <[🔎] Pine.GSO.4.51.0509300022420.17080@cairo.mitre.org>
In-reply-to: <E1EL8HE-0002H7-00@klecker.debian.org>
References: <E1EL8HE-0002H7-00@klecker.debian.org>

On Fri, 30 Sep 2005, Michael Stone wrote:

> Package        : backupninja
> Vulnerability  : insecure temporary file
> Problem type   : local
> Debian-specific: no
> CVE ID         :
>
> Moritz Muehlenhoff discovered the handler code for backupninja creates
> a temporary file with a predictable filename, leaving it vulnerable to
> a symlink attack.


======================================================
Candidate: CAN-2005-3111
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3111
Reference: DEBIAN:DSA-827
Reference: URL:http://www.debian.org/security/2005/dsa-827

The handler code for backupninja 0.8 and earlier creates temporary
files with predictable filenames, which allows local users to modify
arbitrary files.




- Steve

Reply to:

Prev by Date: Re: security.debian.org mirrors?
Next by Date: Re: [SECURITY] [DSA 829-1] New mysql packages fix arbitrary code execution
Previous by thread: Re: [SECURITY] [DSA 797-2] Updated zsync i386 packages fix build error
Next by thread: Re: [SECURITY] [DSA 829-1] New mysql packages fix arbitrary code execution
Index(es):
- Date
- Thread