Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-243-1
HistoryJan 16, 2006 - 12:00 a.m.

tuxpaint vulnerability

2006-01-1600:00:00
ubuntu.com
29

6.4 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

29.6%

JSON

Releases

  • Ubuntu 5.10

Details

Javier Fernández-Sanguino Peña discovered that the tuxpaint-import.sh
script created a temporary file in an insecure way. This could allow a
symlink attack to create or overwrite arbitrary files with the
privileges of the user running tuxpaint.

OSVersionArchitecturePackageVersionFilename
Ubuntu5.10noarchtuxpaint< *UNKNOWN

Related

debian 2
ubuntucve 1
kaspersky 1
openvas 3
debiancve 1
cve 1
securityvulns 1
nessus 2
debian
debian
[SECURITY] [DSA 941-1] New tuxpaint packages fix insecure temporary file creation
2006-01-16 07:45:32
[SECURITY] [DSA 941-1] New tuxpaint packages fix insecure temporary file creation
2006-01-16 07:45:32
ubuntucve
ubuntucve
CVE-2005-3340
2005-12-31 00:00:00
kaspersky
kaspersky
KLA10373 Vulnerability in TuxPaint
2005-12-31 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-941-1)
2008-01-17 00:00:00
Ubuntu: Security Advisory (USN-243-1)
2022-08-26 00:00:00
Debian Security Advisory DSA 941-1 (tuxpaint)
2008-01-17 00:00:00
debiancve
debiancve
CVE-2005-3340
2005-12-31 05:00:00
cve
cve
CVE-2005-3340
2005-12-31 05:00:00
securityvulns
securityvulns
[Full-disclosure] [SECURITY] [DSA 941-1] New tuxpaint packages fix insecure temporary file creation
2006-01-16 00:00:00
nessus
nessus
Ubuntu 5.10 : tuxpaint vulnerability (USN-243-1)
2006-01-21 00:00:00
Debian DSA-941-1 : tuxpaint - insecure temporary file
2006-10-14 00:00:00

6.4 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

29.6%

JSON
Related for USN-243-1
debian2ubuntucve1kaspersky1openvas3debiancve1cve1securityvulns1nessus2