5 matches found
CVE-2014-7206
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file...
CVE-2014-7206
CVE-2014-7206 affects apt’s changelog retrieval: the changelog functionality before version 1.0.9.2 allows local users to overwrite arbitrary files via a symlink-based race. Vulnerable: apt, prior to 1.0.9.2. Root cause: insecure creation/use of temporary files during changelog access. Impact: lo...
[SECURITY] [DSA 3048-1] apt security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3048-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 08, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3048-1] apt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3048-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 08, 2014 http://www.debian.org/security/faq -...
CVE-2014-7206
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file...