Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-200812-12
HistoryDec 12, 2008 - 12:00 a.m.

Honeyd: Insecure temporary file creation

2008-12-1200:00:00
Gentoo Foundation
security.gentoo.org
11

0.0004 Low

EPSS

Percentile

5.2%

JSON

Background

Honeyd is a small daemon that creates virtual hosts on a network.

Description

Dmitry E. Oboukhov reported an insecure temporary file usage within the “test.sh” script.

Impact

A local attacker could perform symlink attacks and overwrite arbitrary files with the privileges of the user running the application.

Workaround

There is no known workaround at this time.

Resolution

All Honeyd users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-analyzer/honeyd-1.5c-r1"
OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-analyzer/honeyd< 1.5c-r1UNKNOWN

Related

prion 1
securityvulns 2
nessus 1
ubuntucve 1
openvas 2
cve 1
prion
prion
Arbitrary file deletion
2008-09-04 18:41:00
securityvulns
securityvulns
[ GLSA 200812-12 ] Honeyd: Insecure temporary file creation
2008-12-15 00:00:00
honeyd symbolic links vulnerability
2008-12-15 00:00:00
nessus
nessus
GLSA-200812-12 : Honeyd: Insecure temporary file creation
2008-12-15 00:00:00
ubuntucve
ubuntucve
CVE-2008-3928
2008-09-04 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200812-12 (honeyd)
2008-12-23 00:00:00
Gentoo Security Advisory GLSA 200812-12 (honeyd)
2008-12-23 00:00:00
cve
cve
CVE-2008-3928
2008-09-04 18:41:00

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for GLSA-200812-12
prion1securityvulns2nessus1ubuntucve1openvas2cve1