848 matches found
Mandrake Linux Security Advisory : netatalk (MDKSA-2004:121)
The etc2ps.sh script, part of the netatalk package, creates files in /tmp with predicatable names which could allow a local attacker to use symbolic links to point to a valid file on the filesystem which could lead to the overwriting of arbitrary files if etc2ps.sh is executed by someone with...
[SA12976] Netatalk "etc2ps.sh" Script Insecure Temporary File Creation
TITLE: Netatalk "etc2ps.sh" Script Insecure Temporary File Creation SECUNIA ADVISORY ID: SA12976 VERIFY ADVISORY: http://secunia.com/advisories/12976/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: Netatalk 2.x http://secunia.com/product/4147/ Netatalk 1.x...
Netatalk symbolic links problem
Symboli links problem in etc2ps.sh script...
GLSA-200410-25 : Netatalk: Insecure tempfile handling in etc2ps.sh
The remote host is affected by the vulnerability described in GLSA-200410-25 Netatalk: Insecure tempfile handling in etc2ps.sh The etc2ps.sh script creates temporary files in world-writeable directories with predictable names. Impact : A local attacker could create symbolic links in the temporary...
Netatalk: Insecure tempfile handling in etc2ps.sh
Background Netatalk is a kernel level implementation of the AppleTalk Protocol Suite, which allows Unix hosts to act as file, print, and time servers for Apple computers. It includes several script utilities, including etc2ps.sh. Description The etc2ps.sh script creates temporary files in...
CVE-2004-0974
CVE-2004-0974 concerns the Netatalk package where a local user can overwrite files via a symlink attack on temporary files. The initial description specifies Trustix Secure Linux 1.5–2.1 and possibly other OSes as affected, with the root cause being insecure temporary-file handling in etc2ps.sh. ...
CVE-2004-0974
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files...
CVE-2004-0974
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files...