Computer Security

pmount symbolis links vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



pmount symbolis links vulnerability
Published:20.06.2010
Source:BUGTRAQ
SecurityVulns ID:10941
Type:local
Level:5/10
Description:Insecure creation of lock files.
Affected:PMOUNT : pmount 0.9
CVE:CVE-2010-2192 (The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/.)
Original documentdocumentDRBIAN, [SECURITY] [DSA 2063-1] New pmount packages fix denial of service (20.06.2010)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru