[SECURITY] [DSA 867-1] New module-assistant package fixes insecure temporary file

-------------------------------------------------------------------------- Debian Security Advisory DSA 867-1 [email protected] http://www.debian.org/security/ Martin Schulze October 20th, 2005 http://www.debian.org/security/faq -...

[Full-disclosure] [SECURITY] [DSA 867-1] New module-assistant package fixes insecure temporary file

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 867-1 [email protected] http://www.debian.org/security/ Martin Schulze October 20th, 2005 http://www.debian.org/security/faq -...

Mandrake Linux Security Advisory : cfengine (MDKSA-2005:184)

Javier Fernndez-Sanguino Pea discovered several insecure temporary file uses in cfengine = 1.6.5 and = 2.1.16 which allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in. CVE-2005-2960 In addition, Javier discovered the cfmailfilter and cfcron.in...

GLSA-200510-04 : Texinfo: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200510-04 Texinfo: Insecure temporary file creation Frank Lichtenheld has discovered that the 'sortoffline' function in texindex insecurely creates temporary files with predictable filenames. Impact : A local attacker could create...

[Full-disclosure] [SECURITY] [DSA 857-1] New graphviz packages fix insecure temporary file

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 857-1 [email protected] http://www.debian.org/security/ Martin Schulze October 10th, 2005 http://www.debian.org/security/faq -...

Debian DSA-839-1 : apachetop - insecure temporary file

Eric Romang discovered an insecurely created temporary file in apachetop, a realtime monitoring tool for the Apache webserver that could be exploited with a symlink attack to overwrite arbitrary files with the user id that runs apachetop. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Debian DSA-827-1 : backupninja - insecure temporary file

Moritz Muehlenhoff discovered the handler code for backupninja creates a temporary file with a predictable filename, leaving it vulnerable to a symlink attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

GLSA-200509-21 : Hylafax: Insecure temporary file creation in xferfaxstats script

The remote host is affected by the vulnerability described in GLSA-200509-21 Hylafax: Insecure temporary file creation in xferfaxstats script Javier Fernandez-Sanguino has discovered that xferfaxstats cron script supplied by Hylafax insecurely creates temporary files with predictable filenames...

[SECURITY] [DSA 839-1] New apachetop packages fix insecure temporary file

-------------------------------------------------------------------------- Debian Security Advisory DSA 839-1 [email protected] http://www.debian.org/security/ Martin Schulze October 4th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 839-1] New apachetop packages fix insecure temporary file

-------------------------------------------------------------------------- Debian Security Advisory DSA 839-1 [email protected] http://www.debian.org/security/ Martin Schulze October 4th, 2005 http://www.debian.org/security/faq -...

cfengine -- arbitrary file overwriting vulnerability

A Debian Security Advisory reports: Javier Fernández-Sanguino Peña discovered several insecure temporary file uses in cfengine, a tool for configuring and maintaining networked machines, that can be exploited by a symlink attack to overwrite arbitrary files owned by the user executing cfengine,...

[SECURITY] [DSA 822-1] New gtkdiskfree packages fix insecure temporary file

-------------------------------------------------------------------------- Debian Security Advisory DSA 822-1 [email protected] http://www.debian.org/security/ Martin Schulze September 29th, 2005 http://www.debian.org/security/faq -...

RHEL 4 : cvs (RHSA-2005:756)

The remote Redhat Enterprise Linux 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2005:756 advisory. CVS Concurrent Version System is a version control system. An insecure temporary file usage was found in the cvsbug program. It is possible that a loc...

Low: Red Hat Security Advisory: cvs security update

An updated cvs package that fixes a security bug is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. CVS Concurrent Version System is a version control system. An insecure temporary file usage was found in the cvsbug program. It is...

GLSA-200508-19 : lm_sensors: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200508-19 lmsensors: Insecure temporary file creation Javier Fernandez-Sanguino Pena has discovered that lmsensors insecurely creates temporary files with predictable filenames when saving configurations. Impact : A local attacker...

[SECURITY] [DSA 783-1] New mysql packages fix insecure temporary file

-------------------------------------------------------------------------- Debian Security Advisory DSA 783-1 [email protected] http://www.debian.org/security/ Martin Schulze August 24th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 761-2] New heartbeat packages fix insecure temporary files

-------------------------------------------------------------------------- Debian Security Advisory DSA 761-2 [email protected] http://www.debian.org/security/ Martin Schulze August 15th, 2005 http://www.debian.org/security/faq -...

Debian DSA-760-1 : ekg - several vulnerabilities

Several vulnerabilities have been discovered in ekg, a console Gadu Gadu client, an instant messaging program. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2005-1850 Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary file creatio...

[SECURITY] [DSA 760-1] New ekg packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 760-1 [email protected] http://www.debian.org/security/ Martin Schulze July 18th, 2005 http://www.debian.org/security/faq -...

Skype Technologies Skype 0.921.01.1 - Insecure Temporary File Creation

Skype Technologies Skype 0.921.01.1 - Insecure Temporary File Creation source: https://www.securityfocus.com/bid/14293/info Skype is affected by an insecure temporary file creation vulnerability. Exploitation would most likely result in loss of data or a denial of service if critical files are...