8 matches found
EUVD-2000-0935
Malware in sbrugna...
Mandrake Linux Security Advisory : gnorpm (MDKSA-2000:055)
Versions of GnoRPM prior to 0.95 used files in the /tmp directory in an insecure manner. If GnoRPM is run as root, a local user can exploit this behaviour to trick GnoRPM into writing to arbitrary files anywhere on the system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
CVE-2000-0948
CVE-2000-0948 corresponds to a local vulnerability in GnoRPM prior to version 0.95, where insecure handling of /tmp allows a local user to modify arbitrary files via a symlink attack. The Mandrake MDKSA-2000:055 advisory explicitly states that versions before 0.95 used files in /tmp insecurely an...
CVE-2000-0948
GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack...
CVE-2000-0948
GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack...
Linux news 9.10.00
Linus: Linux Kernel 2.4 задерживается. Опять... Пришло сообщение о том, что ядро Linux 2.4 задерживается как минимум еще на два месяца... Подробнее: http://slashdot.org/articles/00/10/06/2053240.shtml Snes9x 1.32 Вышла новая версия Super Nintendo Entertainment System SNES emulator-а - Snes9x 1.32...
GnoRPM local /tmp vulnerability
While fixing other problems with the gnorpm package a locally exploitable security hole was found where a normal user could trick root running GnoRPM into writing to arbitary files due to a bug in the gnorpm tmp file handling. A new release of GnoRPM 0.95.1 is now available. This fixes significan...
Дырка в GNOrpm
Некорректная работа с временными файлами позволяет переписать любой файл...