CVE-2008-1832: Insecure tempfile handling
Bug #241457 reported by
James Westby
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
CECILIA |
Unknown
|
Unknown
|
|||
cecilia (Debian) |
Fix Released
|
Unknown
|
|||
cecilia (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Dapper |
Won't Fix
|
Undecided
|
Unassigned | ||
Feisty |
Won't Fix
|
Undecided
|
Unassigned | ||
Gutsy |
Fix Released
|
Undecided
|
Unassigned | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned | ||
Intrepid |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: cecilia
Hi,
CVE-2008-1832 states lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file.
Debian fixed this issue in 2.0.5-2.1
Thanks,
James
CVE References
Changed in cecilia: | |
status: | Unknown → Fix Released |
Changed in cecilia: | |
status: | New → Fix Released |
Changed in cecilia: | |
status: | New → In Progress |
status: | New → In Progress |
To post a comment you must log in.
Hi,
Attached is the diff to merge the change from Debian for Intrepid.
Thanks,
James