Debian 2.2 DSA-090-1 Critical: Xtel Symlink Attack Details
debian
December 5, 2001
The xtel (a X emulator for minitel) package as distributed with DebianGNU/Linux 2.2 has two possible symlink attacks.
Topics Covered
Summary
Package : xtel
Problem type : symlink attack
Debian-specific: no
The xtel (a X emulator for minitel) package as distributed with Debian
GNU/Linux 2.2 has two possible symlink attacks:
* xteld creates a temporary file /tmp/.xtel-
for symlinks.
* when printing a hardcope xtel would create a temporary file without
protecting itself against symlink attacks.
Both problems have been fixed in version 3.2.1-4.potato.1 .
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.2 alias potato
---------------------------------
Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
Source archives:
MD5 checksum: 79575d2797c4b85fafba690f71ba97c4
MD5 checksum: 036a3763efa51ff74baa14705b86974a
MD5 checksum: 9cec4556d70194beb25086d8e14b9b20
Alpha architecture:
MD5 checksum: c288520adc2a519edb341c18d6b20572
ARM architecture:
MD5 checksum: 0114570b5bd...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!