2 matches found
CVE-2008-0167
CVE-2008-0167 affects GForge 4.5.14 (Debian: etch) where scripts open configuration files in write mode, truncating them before writing new data, potentially allowing local attackers to overwrite files or bypass access restrictions. Debian DSA-1577-1 confirms the issue and provides fixed package ...
[SECURITY] [DSA 1577-1] New gforge packages fix insecure temporary files
------------------------------------------------------------------------ Debian Security Advisory DSA-1577-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 14, 2008 http://www.debian.org/security/faq -...