Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:7484
HistoryJan 04, 2005 - 12:00 a.m.

[SECURITY] [DSA 622-1] New htmlheadline package fixes insecure temporary files

2005-01-0400:00:00
vulners.com
5
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Debian Security Advisory DSA 622-1 [email protected]
http://www.debian.org/security/ Martin Schulze
January 3rd, 2005 http://www.debian.org/security/faq

Package : htmlheadline
Vulnerability : insecure temporary files
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-1181

Javier Fernбndez-Sanguino Peсa has discovered multiple insecure uses
of temporary files that could lead to overwriting arbitrary files via
a symlink attack.

For the stable distribution (woody) these problems have been fixed in
version 21.8-3.

The unstable distribution (sid) does not contain this package.

We recommend that you upgrade your htmlheadline package.

Upgrade Instructions

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/h/htmlheadline/htmlheadline_21.8-3.dsc
Size/MD5 checksum: 579 36da72a4ff991d7646a77eb7d8789f8a

http://security.debian.org/pool/updates/main/h/htmlheadline/htmlheadline_21.8-3.diff.gz
Size/MD5 checksum: 5383 8c098ae1c43cf8f5f702191864e29b84

http://security.debian.org/pool/updates/main/h/htmlheadline/htmlheadline_21.8.orig.tar.gz
Size/MD5 checksum: 42360 319b218bd8c787a1455540a85428adc6

Architecture independent components:

http://security.debian.org/pool/updates/main/h/htmlheadline/htmlheadline_21.8-3_all.deb
Size/MD5 checksum: 44570 c55c6906ba256b1731d8d6c5a151eaf1

These files will probably be moved into the stable distribution on
its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/&lt;pkg&gt;

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFB2RjGW5ql+IAeqTIRAvN8AKCJDQBYVNW1DNsjagMRCeZ56eVbWQCfRJdt
5n+zy6EUGbdCr5z/eDt2x2A=
=8I0+
-----END PGP SIGNATURE-----

Related

debian 2
openvas 2
nessus 1
osv 1
cve 1
debian
debian
[SECURITY] [DSA 622-1] New htmlheadline package fixes insecure temporary files
2005-01-03 10:04:54
[SECURITY] [DSA 622-1] New htmlheadline package fixes insecure temporary files
2005-01-03 10:04:54
openvas
openvas
Debian Security Advisory DSA 622-1 (htmlheadline)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-622-1)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-622-1 : htmlheadline - insecure temporary files
2005-01-03 00:00:00
osv
osv
htmlheadline - insecure temporary files
2005-01-03 00:00:00
cve
cve
CVE-2004-1181
2005-04-14 04:00:00
JSON
Related for SECURITYVULNS:DOC:7484
debian2openvas2nessus1osv1cve1