37 matches found
CVE-2005-0017
The f2c translator in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files...
[SECURITY] [DSA 661-2] New f2c packages fix insecure temporary files
-------------------------------------------------------------------------- Debian Security Advisory DSA 661-2 [email protected] http://www.debian.org/security/ Martin Schulze April 20th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 661-2] New f2c packages fix insecure temporary files
-------------------------------------------------------------------------- Debian Security Advisory DSA 661-2 [email protected] http://www.debian.org/security/ Martin Schulze April 20th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 661-2] New f2c packages fix insecure temporary files
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 661-2 [email protected] http://www.debian.org/security/ Martin Schulze April 20th, 2005 http://www.debian.org/security/faq -...
DSA-661-2 f2c - insecure temporary files
Bulletin has no description...
GLSA-200501-43 : f2c: Insecure temporary file creation
The remote host is affected by the vulnerability described in GLSA-200501-43 f2c: Insecure temporary file creation Javier Fernandez-Sanguino Pena from the Debian Security Audit Team discovered that f2c creates temporary files in world-writeable directories with predictable names. Impact : A local...
CVE-2005-0017
CVE-2005-0017 affects the f2c translator in the f2c package (version 3.1). It is exploitable by a local user via a symlink attack on temporary files to read arbitrary files. The OpenVAS/DSA entries confirm f2c advisories (DSA-661-1/2, GLSA 200501-43) and a Debian reference, indicating multiple ve...
CVE-2005-0018
CVE-2005-0018 concerns the f2c package (f2 shell script) where a symlink attack on temporary files allows a local user to read arbitrary files. Affected feature is the f2 script in the f2c package version 3.1, with root cause outlined as a symlink-based local file read. The impact is limited to c...
CVE-2005-0017
The f2c translator in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files...
CVE-2005-0018
The f2 shell script in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files...
CVE-2005-0018
The f2 shell script in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files...
CVE-2005-0017
The f2c translator in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files...
f2c: Insecure temporary file creation
Background f2c is a Fortran to C translator. Portage uses this package in some ebuilds to build Fortran sources. Description Javier Fernandez-Sanguino Pena from the Debian Security Audit Team discovered that f2c creates temporary files in world-writeable directories with predictable names. Impact...
[SECURITY] [DSA 661-1] New f2c packages fix insecure temporary files
-------------------------------------------------------------------------- Debian Security Advisory DSA 661-1 [email protected] http://www.debian.org/security/ Martin Schulze January 27th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 661-1] New f2c packages fix insecure temporary files
-------------------------------------------------------------------------- Debian Security Advisory DSA 661-1 [email protected] http://www.debian.org/security/ Martin Schulze January 27th, 2005 http://www.debian.org/security/faq -...
Debian DSA-661-2 : f2c - insecure temporary files
Dan McMahill noticed that our advisory DSA 661-1 did not correct the multiple insecure files problem, hence, this update. For completeness below is the original advisory text : Javier Fernandez-Sanguino Pena from the Debian Security Audit project discovered that f2c and fc, which are both part of...
f2c -- insecure temporary files
Javier Fernández-Sanguino Peña reports two temporary file vulnerability within f2c. The vulnerabilities are caused due to weak temporary file handling. An attacker could create an symbolic link, causing a local user running f2c to overwrite the symlinked file. This could give the attacker elevate...