12 matches found
Linux Distros Unpatched Vulnerability : CVE-2009-5080
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 contrib/eqn2graph/eqn2graph.sh, 2 contrib/grap2graph/grap2graph.sh, and 3 contrib/pic2graph/pic2graph.sh scripts in GNU troff aka groff 1.21 and earlier d...
RHEL 5 : groff (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - groff: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph...
NewStart CGSL MAIN 5.04 : groff Multiple Vulnerabilities (NS-SA-2023-0067)
The remote NewStart CGSL host, running version MAIN 5.04, has groff packages installed that are affected by multiple vulnerabilities: - contrib/pdfmark/pdfroff.sh in GNU troff aka groff before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf.tmp temporary file...
Fedora Update for groff FEDORA-2012-8577
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for groff FEDORA-2012-8596
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for groff FEDORA-2012-8590
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 15 : groff-1.21-4.fc15 (2012-8590)
older security fixes : - CVE-2009-5044: insecure temporary file handling in pdfroff - CVE-2009-5080: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph - CVE-2009-5081: roff2.pl and groffer.pl use easy-to-guess temporary file names Note that...
CVE-2009-5080
The 1 contrib/eqn2graph/eqn2graph.sh, 2 contrib/grap2graph/grap2graph.sh, and 3 contrib/pic2graph/pic2graph.sh scripts in GNU troff aka groff 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files...
DEBIAN-CVE-2009-5080
The 1 contrib/eqn2graph/eqn2graph.sh, 2 contrib/grap2graph/grap2graph.sh, and 3 contrib/pic2graph/pic2graph.sh scripts in GNU troff aka groff 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files...
CVE-2009-5080
The 1 contrib/eqn2graph/eqn2graph.sh, 2 contrib/grap2graph/grap2graph.sh, and 3 contrib/pic2graph/pic2graph.sh scripts in GNU troff aka groff 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files...
CVE-2009-5080
CVE-2009-5080 affects GNU troff (groff) 1.21 and earlier, due to improper handling of failed temporary-directory creation in the eqn2graph/ grap2graph/ pic2graph scripts, enabling local symlink attacks to overwrite files. Connected sources confirm the vulnerable components are eqn2graph/eqn2graph...
CVE-2009-5080
The 1 contrib/eqn2graph/eqn2graph.sh, 2 contrib/grap2graph/grap2graph.sh, and 3 contrib/pic2graph/pic2graph.sh scripts in GNU troff aka groff 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files...