Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-366
HistoryAug 05, 2003 - 12:00 a.m.

eroaster - insecure temporary file

2003-08-0500:00:00
Google
osv.dev
7

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

JSON

eroaster, a frontend for burning CD-R media using cdrecord, does not
take appropriate security precautions when creating a temporary file
for use as a lockfile. This bug could potentially be exploited to
overwrite arbitrary files with the privileges of the user running
eroaster.

For the stable distribution (woody) this problem has been fixed in
version 2.1.0.0.3-2woody1.

For the unstable distribution (sid) this problem has been fixed in
version 2.2.0-0.5-1.

We recommend that you update your eroaster package.

Related

cve 1
nessus 2
openvas 2
debian 1
securityvulns 1
cve
cve
CVE-2003-0656
2003-08-27 04:00:00
nessus
nessus
Debian DSA-366-1 : eroaster - insecure temporary file
2004-09-29 00:00:00
Mandrake Linux Security Advisory : eroaster (MDKSA-2003:083)
2004-07-31 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-366)
2008-01-17 00:00:00
Debian Security Advisory DSA 366-1 (eroaster)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA-366-1] New eroaster packages fix insecure temporary file creation
2003-08-06 03:04:25
securityvulns
securityvulns
[SECURITY] [DSA-366-1] New eroaster packages fix insecure temporary file creation
2003-08-07 00:00:00

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

JSON
Related for OSV:DSA-366
cve1nessus2openvas2debian1securityvulns1