4 matches found
[SECURITY] [DSA 1205-2] New thttpd packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 1205-2 [email protected] http://www.debian.org/security/ Steve Kemp December 1sd, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1205-1] New thttpd packages fix insecure temporary file creation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1205-1 [email protected] http://www.debian.org/security/ Steve Kemp November 2rd, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1205-1] New thttpd packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 1205-1 [email protected] http://www.debian.org/security/ Steve Kemp November 2rd, 2006 http://www.debian.org/security/faq -...
CVE-2006-4248
CVE-2006-4248 affects thttpd (notably in Debian and related distributions) and involves a local symlink attack that allows a local user to create or touch arbitrary files via insecure temporary file usage in start_thttpd during log rotation. The root cause is the use of insecure temporary files, ...