71 matches found
SUSE SLED12 / SLES12 Security Update : dracut (SUSE-SU-2015:2065-1)
The dracut package was updated to fix the following security and non-security issues : - CVE-2015-0794: Use mktemp instead of hard-coded filenames, possible vulnerability bsc935338. - Always install mdraid modules bsc935993. - Add notice when dracut failed to install modules bsc952491. - Always...
openSUSE Security Update : dracut (openSUSE-2015-765)
The dracut package was updated to fix the following security and non security issues : - CVE-2015-0794: Use mktemp instead of hardcoded filenames, possible vulnerability bnc935338. - Always install mdraid modules boo935993. - Add notice when dracut failed to install modules bsc952491. %NASLMINLEV...
FreeBSD : security/ossec-hids-* -- root escalation via temp files (36858e78-3963-11e4-ad84-000c29f6ae42)
OSSEC reports : This correction will create the temp file for the hosts deny file in /var/ossec and will use mktemp where available to create NON-predictable temp file name. In cases where mktemp is not available we have written a BAD version of mktemp, but should be a little better then just...
security/ossec-hids-* -- root escalation via temp files
OSSEC reports: This correction will create the temp file for the hosts deny file in /var/ossec and will use mktemp where available to create NON-predictable temp file name. In cases where mktemp is not available we have written a BAD version of mktemp, but should be a little better then just...
DEBIAN-CVE-2014-1839
The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file...
Code injection
The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file...
PYSEC-2014-84
The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file...
PT-2014-4323 · Logilab +1 · Logilab-Common +1
Name of the Vulnerable Software and Affected Versions: logilab-common versions prior to 0.61.0 Description: The Execute class in shellutils in logilab-common uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file. Recommendations: For...
DEBIAN-CVE-2014-1639
syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename...
CVE-2014-1639
syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename...
CVE-2014-1639
syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename...
Fedora 20 : prboom-plus-2.5.1.3-3.fc20 (2013-20940)
-------- prboom-plus-2.5.1.3-3 replaces mktemp with mkstemp to satisfy rpmlint Doom is a classic 3D shoot-em-up game. PrBoom+ is a Doom source port developed from the original PrBoom project by Andrey Budko. The target of the project is to extend the original port with features that are necessary...
Mandrake Linux Security Advisory : ghostscript (MDKSA-2000:074)
The ghostscript package uses mktemp instead of mkstemp to create temporary files. It also uses improper LDRUNPATH values, which causes it to search for libraries in the current directory. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
caml-light -- insecure use of temporary files
caml-light uses mktemp insecurely, and also does unsafe things in /tmp during make install...
Fedora 15 : foomatic-4.0.8-3.fc15 (2011-11196)
This package fixes CVE-2011-2924 by using mktemp when creating a debug log file in debug mode. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...
Fedora 14 : foomatic-4.0.8-3.fc14 (2011-11205)
This package fixes CVE-2011-2924 by using mktemp when creating a debug log file in debug mode. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...
Fedora 16 : foomatic-4.0.8-4.fc16 (2011-11118)
This package fixes CVE-2011-2924 by using mktemp when creating a debug log file in debug mode. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...
DEBIAN-CVE-2009-5082
The 1 configure and 2 config.guess scripts in GNU troff aka groff 1.20.1 on Openwall GNU//Linux aka Owl improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file...
CVE-2009-5082
The 1 configure and 2 config.guess scripts in GNU troff aka groff 1.20.1 on Openwall GNU//Linux aka Owl improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file...
Fedora 14 : xorg-x11-server-1.9.0-9.fc14 (2010-14754)
Refuse to believe tiny or negative sizes from PanelID. 632805 - Call mktemp correctly 632879 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...