Debian Security Advisory DSA 1068-1 (fbi)

The remote host is missing an update to fbi announced via advisory DSA 1068-1. Jan Braun discovered that the fbgs script of fbi, an image viewer for the framebuffer environment, creates an directory in a predictable manner, which allows denial of service through symlink attacks. For the old stabl...

Debian DSA-1068-1 : fbi - insecure temporary file

Jan Braun discovered that the fbgs script of fbi, an image viewer for the framebuffer environment, creates an directory in a predictable manner, which allows denial of service through symlink attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

GLSA-200608-22 : fbida: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-200608-22 fbida: Arbitrary command execution Toth Andras has discovered a typographic mistake in the 'fbgs' script, shipped with fbida if the 'fbcon' and 'pdf' USE flags are both enabled. This script runs 'gs' without the -dSAFER...

CVE-2006-1695

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...

CVE-2006-1695

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...

DEBIAN-CVE-2006-1695

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...

CVE-2006-1695

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...

CVE-2006-1695

The CVE-2006-1695 issue affects the fbgs script in the fbi package (notably version around 2.01-1.4) where, if TMPDIR is not defined, a local user can exploit a symlink in /var/tmp/fbps-[PID] to overwrite arbitrary files. The vulnerability arises from creating a predictable temporary directory, e...

CVE-2006-1695

The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-PID...