4 matches found
EUVD-2007-1494
Malware in sbrugna...
Linux Security Auditing Tool不安全临时文件建立漏洞
Linux Security Auditing Tool是一款安全审核工具。 Linux Security Auditing Tool不安全建立临时文件,本地攻击者可以利用漏洞覆盖敏感文件,造成拒绝服务攻击。 攻击者可以利用符号链接进行攻击。目前没有详细漏洞细节提供。 Linux Security Auditing Tool 0.9.2 Gentoo Linux 目前没有解决方案提供: http://usat.sourceforge.net/...
CVE-2007-1500
The Linux Security Auditing Tool LSAT allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat...
LSAT: Insecure temporary file creation
Background The Linux Security Auditing Tool LSAT is a post install security auditor which checks many system configurations and local network settings on the system for common security or configuration errors and for packages that are not needed. Description LSAT insecurely writes in /tmp with a...