Fedora 20 : syncevolution-1.4.1-1.fc20 (2014-5186)

Update to 1.4.1 stable release CVE-2014-1639 syncevolution: insecure temporary file usage in installcheck-local.sh It was found 1 that the installcheck-local.sh script of the syncevolution package creates temporary files in an insecure way. A local attacker could use these flaws to perform a...

Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20140416)

An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code...

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

GLSA-201402-10 : PulseAudio: Insecure temporary file usage

The remote host is affected by the vulnerability described in GLSA-201402-10 PulseAudio: Insecure temporary file usage The pamakesecuredir function in core-util.c does not handle temporary files securely. Impact : A local attacker could perform symlink attacks to overwrite arbitrary files with th...

Fedora 20 : flite-1.3-21.fc20 (2014-0579)

CVE-2014-0027 flite: insecure temporary file use Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Perl Parallel-ForkManager Module: Insecure temporary file usage

Background Parallel-ForkManager is a simple parallel processing fork manager for Perl. Description The Perl Parallel-ForkManager module does not handle temporary files securely. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user...

Fedora 19 : nagios-3.5.0-5.fc19 (2013-10996)

"Build package with PIE flags 965529 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Fedora Security Advisory 2013-10996. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid67296;...

CentOS 4 : mysql (CESA-2005:685)

Updated mysql packages that fix a temporary file flaw and a number of bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisti...

Fedora 18 : crypto-utils-2.4.1-39.fc18 (2013-3253)

Addresses CVE-2012-3504 - insecure temporary file usage in genkey Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

xNBD - tmpxnbd.log Insecure Temporary File Handling

xNBD - tmpxnbd.log Insecure Temporary File Handling source: https://www.securityfocus.com/bid/57784/info xNBD is prone to a vulnerability because it handles temporary files in an insecure manner. Local attackers may leverage this issue to perform symbolic-link attacks in the context of the affect...

CentOS Update for hpijs3 CESA-2013:0133 centos5

Check for the Version of hpijs3 OpenVAS Vulnerability Test CentOS Update for hpijs3 CESA-2013:0133 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

Scientific Linux Security Update : hplip3 on SL5.x i386/x86_64 (20130108)

It was found that the HP CUPS Common UNIX Printing System fax filter in HPLIP created a temporary file in an insecure way. A local attacker could use this flaw to perform a symbolic link attack, overwriting arbitrary files accessible to a process using the fax filter such as the hp3-sendfax tool...

Fedora 17 : pcp-3.6.10-1.fc17 (2012-18686)

Resolve insecure temporary file use flaws in PCP shell scripts Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

RHEL 6 : java-1.7.0-ibm (RHSA-2012:1289)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1289 advisory. - OpenJDK: AWT hardening fixes AWT, 7163201 CVE-2012-0547 - Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 Deployment...

Gentoo Security Advisory GLSA 201206-17 (virtualenv)

The remote host is missing updates announced in advisory GLSA 201206-17. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

CentOS Update for sudo CESA-2012:1149 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for sudo RHSA-2012:1149-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Scientific Linux Security Update : cman on SL5.x i386/x86_64

Multiple insecure temporary file use flaws were found in fenceapcsnmp and ccstool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities typically root with the output of the utilities via a symbolic link attack. CVE-2008-4579,...

Scientific Linux Security Update : fence on SL4.x i386/x86_64

Insecure temporary file use flaws were found in fenceegenera, fenceapc, and fenceapcsnmp. A local attacker could use these flaws to overwrite an arbitrary file writable by the victim running those utilities via a symbolic link attack. CVE-2008-4192, CVE-2008-4579 This update also fixes the...

Scientific Linux Security Update : dhcp on SL3.x, SL4.x i386/x86_64

The Mandriva Linux Engineering Team discovered a stack-based buffer overflow flaw in the ISC DHCP client. If the DHCP client were to receive a malicious DHCP response, it could crash or execute arbitrary code with the permissions of the client root. CVE-2009-0692 An insecure temporary file use fl...