Computer Security
[EN] securityvulns.ru no-pyccku


conky symbolic links vulnerability
Published:16.10.2011
Source:
SecurityVulns ID:11977
Type:local
Threat Level:
5/10
Description:Insecure temporary files creation.
Affected:CONKY : conky 1.8
CVE:CVE-2011-3616 (The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf.)
Original documentdocumentGENTOO, [ GLSA 201110-09 ] Conky: Privilege escalation (16.10.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod