2 matches found
CVE-2005-2960
CVE-2005-2960 affects cfengine versions 1.6.5 and 2.1.16. The issue arises from insecure temporary file handling, allowing a local user to perform a symlink attack and overwrite arbitrary files owned by the user executing cfengine (likely root). The problem is tied to the vicf.in temporary files ...
CVE-2005-3137
CVE-2005-3137 affects cfengine 1.6.5 via insecure temporary file handling in cfmailfilter and cfcron.in, enabling a local user to exploit a symlink to overwrite arbitrary files owned by the executing user (likely root). Connected advisories (Debian DSA-835-1, DSA-836-1) document insecure temporar...