SUSE CVE-2005-3011

The sortoffline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files...

SUSE CVE-2006-4810

Buffer overflow in the readline function in util/texindex.c, as used by the 1 texi2dvi and 2 texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file...

CentOS 3 / 4 : texinfo (CESA-2006:0727-1)

New Texinfo packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Texinfo is a documentation system that can produce both online information and printed output from a single source...

FreeBSD Security Advisory (FreeBSD-SA-06:01.texindex.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:01.texindex.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Ubuntu 5.10 / 6.06 LTS / 6.10 : texinfo vulnerability (USN-379-1)

Miloslav Trmac discovered a buffer overflow in texinfo's index processor. If a user is tricked into processing a .texi file with texindex, this could lead to arbitrary code execution with user privileges. Note that Tenable Network Security has extracted the preceding description block directly fr...

Mandrake Linux Security Advisory : texinfo (MDKSA-2006:203)

Miloslav Trmac discovered a buffer overflow in texinfo. This issue can cause texi2dvi or texindex to crash when processing a carefully crafted file. Updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...

Fedora Core 5 : texinfo-4.8-9.2.fc5.2 (2006-1202)

Sun Nov 5 2006 Miloslav Trmac - 4.8-9.2.fc5.2 - Remove off-line sorting from texindex fixes CVE-2006-4810 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much...

Debian DSA-1219-1 : texinfo - buffer overflow

Multiple vulnerabilities have been found in the GNU texinfo package, a documentation system for on-line information and printed output. - CVE-2005-3011 Handling of temporary files is performed in an insecure manner, allowing an attacker to overwrite any file writable by the victim. - CVE-2006-481...

GLSA-200611-16 : Texinfo: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200611-16 Texinfo: Buffer overflow Miloslav Trmac from Red Hat discovered a buffer overflow in the 'readline' function of texindex.c. The 'readline' function is called by the texi2dvi and texindex commands. Impact : By enticing a...

Texinfo: Buffer overflow

Background Texinfo is the official documentation system of the GNU project. Description Miloslav Trmac from Red Hat discovered a buffer overflow in the "readline" function of texindex.c. The "readline" function is called by the texi2dvi and texindex commands. Impact By enticing a user to open a...

CVE-2006-4810

Buffer overflow in the readline function in util/texindex.c, as used by the 1 texi2dvi and 2 texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file...

DEBIAN-CVE-2006-4810

Buffer overflow in the readline function in util/texindex.c, as used by the 1 texi2dvi and 2 texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file...

CVE-2006-4810

Buffer overflow in the readline function in util/texindex.c, as used by the 1 texi2dvi and 2 texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file...

CVE-2006-4810

Buffer overflow in the readline function in util/texindex.c, as used by the 1 texi2dvi and 2 texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file...

security flaw

Buffer overflow in the readline function in util/texindex.c, as used by the 1 texi2dvi and 2 texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file...

security flaw

The sortoffline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files...

Ubuntu 5.04 / 5.10 : texinfo regression bug fix (USN-194-2)

USN-194-1 fixed a vulnerability in the 'texindex' program. Unfortunately this update introduced a regression that caused the program to abort when cleaning up temporary files which are used with extraordinarily large input files. The updated packages fix this. Note that Tenable Network Security h...

Ubuntu 4.10 / 5.04 : texinfo vulnerability (USN-194-1)

Frank Lichtenheld discovered that the 'texindex' program created temporary files in an insecure manner. This could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user running texindex. Note that Tenable Network Security has extracted the preceding...

FreeBSD-SA-06:01.texindex

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:01.texindex Security Advisory The FreeBSD Project Topic: Texindex temporary file privilege escalation Category: contrib Module: texinfo Announced: 2006-01-11...

texindex -- temporary file privilege escalation

Problem description The "sortoffline" function used by texindex1 employs the "maketempname" function, which produces predictable file names and fails to validate that the paths do not exist. Impact These predictable temporary file names are problematic because they allow an attacker to take...