* SECURITY UPDATE: alert.d/test.alert in mon 0.99.2 allows local users to
overwrite arbitrary files via a symlink attack on the test.alert.log
temporary file.. (LP: #285100)
- 00_CVE-2008-4477.dpatch: Dont create file in /tmp
- CVE-2008-4477
-- Stefan Lesicnik <email address hidden> Fri, 17 Oct 2008 20:02:54 +0200
This bug was fixed in the package mon - 0.99.2- 11ubuntu1. 8.04.1
--------------- 11ubuntu1. 8.04.1) hardy-security; urgency=low
mon (0.99.2-
* SECURITY UPDATE: alert.d/test.alert in mon 0.99.2 allows local users to 2008-4477. dpatch: Dont create file in /tmp
overwrite arbitrary files via a symlink attack on the test.alert.log
temporary file.. (LP: #285100)
- 00_CVE-
- CVE-2008-4477
-- Stefan Lesicnik <email address hidden> Fri, 17 Oct 2008 20:02:54 +0200