EUVD-2006-5282

Malware in sbrugna...

Open redirect

On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. StateSaver would also open files without the OEXCL flag. An attacker could exploit this to launch a symlink attack, though this is partially mitigated by...

CVE-2006-6304

The docoredump function in fs/exec.c in the Linux kernel 2.6.19 sets the flag variable to OEXCL but does not use it, which allows context-dependent attackers to modify arbitrary files via a rewrite attack during a core dump...

CVE-2006-5297

CVE-2006-5297 affects mutt up to 1.5.12, describing a race condition in safe_open when creating temporary files on NFS. The underlying issue is the NFS limitation with O_EXCL, allowing a local attacker to overwrite files. Connected advisories across Red Hat, Ubuntu, Canonical/Sec advisories docum...

Tripwire temporary files

------------------------------------------------------------ Insecure temporary files in Tripwire [email protected] $Date: 2001/07/09 05:02:02 $ ------------------------------------------------------------ Author: Jarno Huuskonen [email protected] Discovered: Tue 16 Jan 2001 Vendor...