EUVD-2004-1165

Malware in sbrugna...

Gentoo Security Advisory GLSA 200412-05 (mirrorselect)

The remote host is missing updates announced in advisory GLSA 200412-05. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2004-1167

mirrorselect before 0.89 creates temporary files in a world-writable location with predictable file names, which allows remote attackers to overwrite arbitrary files via a symlink attack...

CVE-2004-1167

mirrorselect before 0.89 creates temporary files in a world-writable location with predictable file names, which allows remote attackers to overwrite arbitrary files via a symlink attack...

CVE-2004-1167

CVE-2004-1167 affects mirrorselect prior to 0.89, which creates temporary files in a world-writable directory with predictable names. This enables symlink attacks to overwrite arbitrary files when mirrorselect runs—potentially gaining the rights of the invoking user (often root). Public sources (...

mirrorselect: Insecure temporary file creation

Background mirrorselect is a tool to help select distfiles mirrors for Gentoo. Description Ervin Nemeth discovered that mirrorselect creates temporary files in world-writable directories with predictable names. Impact A local attacker could create symbolic links in the temporary files directory,...

[Full-Disclosure] [ GLSA 200412-05 ] mirrorselect: Insecure temporary file creation

Gentoo Linux Security Advisory GLSA 200412-05:02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -...