Lucene search
GoogleOSV:DSA-843-1HistoryOct 05, 2005 - 12:00 a.m.
arc - insecure temporary file
2005-10-0500:00:00
Google
osv.dev
9
0.0004 Low
EPSS
Percentile
5.1%
Two vulnerabilities have been discovered in the ARC archive program
under Unix. The Common Vulnerabilities and Exposures project
identifies the following problems:
- CAN-2005-2945
Eric Romang discovered that the ARC archive program under Unix
creates a temporary file with insecure permissions which may lead
to an attacker stealing sensitive information. - CAN-2005-2992
Joey Schulze discovered that the temporary file was created in an
insecure fashion as well, leaving it open to a classic symlink
attack.
The old stable distribution (woody) does not contain arc packages.
For the stable distribution (sarge) these problems have been fixed in
version 5.21l-1sarge1.
For the unstable distribution (sid) these problems have been fixed in
version 5.21m-1.
We recommend that you upgrade your arc package.
References
Related
openvas
openvas
SLES9: Security update for arc
2009-10-10 00:00:00
Debian: Security Advisory (DSA-843-1)
2008-01-17 00:00:00
SLES9: Security update for arc
2009-10-10 00:00:00
nvd
nvd
CVE-2005-2992
2005-10-13 22:02:00
CVE-2005-2945
2005-09-16 21:03:00
debiancve
debiancve
CVE-2005-2992
2005-10-13 22:02:00
CVE-2005-2945
2005-09-16 21:03:00
nessus
nessus
Debian DSA-843-1 : arc - insecure temporary file
2005-10-05 00:00:00
SuSE9 Security Update : arc (YOU Patch Number 10496)
2009-09-24 00:00:00
debian
debian
[SECURITY] [DSA 843-1] New arc packages fix insecure temporary files
2005-10-05 06:06:14
[SECURITY] [DSA 843-1] New arc packages fix insecure temporary files
2005-10-05 06:06:14
cve
cve
CVE-2005-2992
2005-10-13 22:02:00
CVE-2005-2945
2005-09-16 21:03:00
ubuntucve
ubuntucve
CVE-2005-2992
2005-10-13 00:00:00
CVE-2005-2945
2005-09-16 00:00:00
cvelist
cvelist
CVE-2005-2992
2005-10-13 04:00:00
CVE-2005-2945
2005-09-16 04:00:00