Computer Security

conky symbolic links vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



conky symbolic links vulnerability
Published:16.10.2011
Source:BUGTRAQ
SecurityVulns ID:11977
Type:local
Level:5/10
Description:Insecure temporary files creation.
Affected:CONKY : conky 1.8
CVE:CVE-2011-3616 (The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf.)
Original documentdocumentGENTOO, [ GLSA 201110-09 ] Conky: Privilege escalation (16.10.2011)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru