Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: 202310-01 Alert: OpenSSH Security Flaw in ssh-agent Usage

gentoo
Calendar Grey October 25, 2004
Dist Gentoo Esm H88
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Adviso
The send-pr.sh script, included in the mit-krb5 package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the use...

Summary

Gentoo Linux Security Advisory GLSA 200410-24 https://security.gentoo.org/ Severity: Normal Title: MIT krb5: Insecure temporary file use in send-pr.sh Date: October 25, 2004 Bugs: #66359 ID: 200410-24

Synopsis ======= The send-pr.sh script, included in the mit-krb5 package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.
Background ========= MIT krb5 is the free implementation of the Kerberos network authentication protocol written by the Massachusetts Institute of Technology.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected --------------------------------------------------------...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo symlink attack kerberos temporary files normal severity send-pr.sh

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo symlink attack kerberos temporary files normal severity send-pr.sh

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here