4 matches found
CVE-2009-3304
GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorizedkeys files in users' home directories, related to deb-specific/sshdumpupdate.pl and cronjobs/cvs-cron/sshcreate.php...
Debian Security Advisory DSA 1945-1 (gforge)
The remote host is missing an update to gforge announced via advisory DSA 1945-1. OpenVAS Vulnerability Test $Id: deb19451.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1945-1 gforge Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
CVE-2009-3304
GForge (versions 4.5.14, 4.7 rc2, 4.8.2) is vulnerable to a local symlink attack allowing local users to overwrite arbitrary files in users’ home directories via authorized_keys, related to deb-specific/ssh_dump_update.pl and cronjobs/cvs-cron/ssh_create.php. Debian and Red Hat advisories indicat...
[SECURITY] [DSA 1945-1] New gforge packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-1945-1 [email protected] http://www.debian.org/security/ Steffen Joeris December 03, 2009 http://www.debian.org/security/faq -...