Computer Security
[EN] securityvulns.ru no-pyccku


jailer symbolic links vulnerability
Published:01.12.2008
Source:
SecurityVulns ID:9470
Type:remote
Threat Level:
5/10
Description:updatejail insecure temporary files creation.
Affected:JAILER : jailer 0.4
CVE:CVE-2008-5139 (updatejail in jailer 0.4 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/#####.updatejail temporary file.)
Original documentdocumentMoritz Muehlenhoff, [SECURITY] [DSA 1674-1] New jailer packages fix denial of service (01.12.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod