Computer Security
[EN] securityvulns.ru no-pyccku


xfsdump symbolic links vulnerability
Published:22.06.2007
Source:
SecurityVulns ID:7842
Type:local
Threat Level:
5/10
Description:xfs_fsr utility insecurely creates .fsr temporary directory.
Affected:XFSDUMP : xfsdump 2.2
CVE:CVE-2007-2654 (xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.)
Original documentdocumentMANDRIVA, [Full-disclosure] [ MDKSA-2007:134 ] - Updated xfsdump packages fix unsafe temporary directory creation issue (22.06.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod