Lucene search
GoogleOSV:DSA-1402-1HistoryNov 07, 2007 - 12:00 a.m.
gforge - insecure temporary files
2007-11-0700:00:00
Google
osv.dev
10
0.0004 Low
EPSS
Percentile
5.1%
Steve Kemp from the Debian Security Audit project discovered that gforge,
a collaborative development tool, used temporary files insecurely which
could allow local users to truncate files upon the system with the privileges
of the gforge user, or create a denial of service attack.
For the old stable distribution (sarge), this problem has been fixed in
version 3.1-31sarge4.
For the stable distribution (etch), this problem has been fixed in version
4.5.14-22etch3.
We recommend that you upgrade your gforge package.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gforge | eq | 4.5.14-22etch1 | |
| gforge | eq | 4.5.14-22 | |
| gforge | eq | 4.5.14-22etch2 |
References
Related
nessus
nessus
Debian DSA-1402-1 : gforge - insecure temporary files
2007-11-08 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1402-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1402-1 (gforge)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2007-3921
2007-11-08 11:00:00
debian
debian
[SECURITY] [DSA 1402-1] New gforge packages fix several vulnerabilities
2007-11-07 20:15:11
prion
prion
Code injection
2007-11-08 11:46:00
nvd
nvd
CVE-2007-3921
2007-11-08 11:46:00
ubuntucve
ubuntucve
CVE-2007-3921
2007-11-08 00:00:00
cve
cve
CVE-2007-3921
2007-11-08 11:46:00