LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: March 14th, 2010
Linux Advisory Watch: March 6th, 2010
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Gentoo: 'mindi' temporary file vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
Gentoo Mindi creates files in /tmp which could allow local user to overwritearbitrary files.

- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200309-05
- - ---------------------------------------------------------------------

          PACKAGE : mindi
          SUMMARY : insecure file creations
             DATE : 2003-09-02 10:37 UTC
          EXPLOIT : local
VERSIONS AFFECTED : =mindi-0.86
              CVE : CAN-2003-0617

- - ---------------------------------------------------------------------

Mindi creates files in /tmp which could allow local user to overwrite
arbitrary files.

SOLUTION

It is recommended that all Gentoo Linux users who are running
sys-apps/mindi upgrade to mindi-0.86 as follows:

emerge sync
emerge mindi
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at  http://dev.gentoo.org/~aliz
- - ---------------------------------------------------------------------

 
< Prev   Next >
    
Partner:

 

Latest Features
Introduction: Buffer Overflow Vulnerabilities
FTP Attack Case Study Part II: the Lessons
Network Security Audit (Part II)
Measuring Security IT Success
Buffer Overflow Basics
Network Intrusion Prevention Systems: When They're Valuable, and When They're Not
Hacks From Pax: Network Server Monitoring With Nmap
Weekend Edition
Noted cryptographer on SSL, encryption and cloud computing
Security industry faces attacks it cannot stop
Seven Firefox Plug-ins That Improve Online Privacy
MD5 hash vulnerability is expert's top Web security flaw
Virtualization Security Is Taking Longer Than Expected
Apache bug prompts update advice
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2010 Guardian Digital, Inc. All rights reserved.