2 matches found
openSUSE Security Update : sblim-sfcb (sblim-sfcb-505)
A tmp file race condition in the genSslCerts.sh helper script could be used by local attackers to gain root privileges. CVE-2009-0416 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
CVE-2009-0416
The CVE-2009-0416 issue affects SBLIM’s sblim-sfcb 1.3.2: the SSL certificate setup program genSslCert.sh allows a local user to trigger a symlink attack that can overwrite the temporary files /var/tmp/key.pem, /var/tmp/cert.pem, and /var/tmp/ssl.cnf. Several connected sources (SU SE/openSUSE adv...