Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Gentoo: 200309-05 Critical: Mindi Local Exploit Insecure File Creation

gentoo
Calendar Grey September 2, 2003
Dist Gentoo Esm H88
Gentoo Linux Security Advisory concerning mindi: possible local exploit due to insecure file creation in /tmp folder. Immediate update recommended.
Mindi creates files in /tmp which could allow local user to overwritearbitrary files.

Summary


- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200309-05
- - ---------------------------------------------------------------------

- - ---------------------------------------------------------------------

Mindi creates files in /tmp which could allow local user to overwrite
arbitrary files.

SOLUTION

It is recommended that all Gentoo Linux users who are running
sys-apps/mindi upgrade to mindi-0.86 as follows:

emerge sync
emerge mindi
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at   
- - ---------------------------------------------------------------------

Topics%20covered

Topics Covered

security advisory Gentoo critical local exploit insecure file creation mindi

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
critical
Lowest
Low
Medium
High
Critical

PACKAGE : mindi
SUMMARY : insecure file creations
DATE : 2003-09-02 10:37 UTC
EXPLOIT : local
VERSIONS AFFECTED : =mindi-0.86
CVE : CAN-2003-0617

Topics%20covered

Topics Covered

security advisory Gentoo critical local exploit insecure file creation mindi

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here