6 matches found
DEBIAN-CVE-2008-4968
The 1 rccs and 2 STUFF scripts in lmbench 3.0-a7 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff. temporary file...
Low: Red Hat Security Advisory: : Updated diffutils packages available
Updated diffutils packages are now available, fixing a temporary file handling vulnerability in the sdiff program. When using sdiff in interactive mode, a temporary file is created. The new diffutils packages make sure to create that file in a secure way...
diffutils sdiff creates temporary files insecurely
Overview diffutils, a set of utilities distributed with many versions of linux, contains a utility called sdiff, which creates temporary files of predictable names in an insecure fashion. Using a symbolic link attack, an intruder can cause overwrite of any file writable by the user executing sdif...
CVE-2001-0117
CVE-2001-0117 concerns diffutils’ sdiff 2.7, where sdiff creates temporary files insecurely, enabling a local user to overwrite files via a symlink attack. The issue affects diffutils in affected distributions (e.g., Red Hat advisories note a temporary-file handling vulnerability in sdiff). Explo...
CVE-2001-0117
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack...
CVE-2001-0117
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack...