Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Gentoo: 200410-25 Normal: Netatalk Symlink Attack Issue

gentoo
Calendar Grey October 25, 2004
Dist Gentoo Esm H88
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Adviso
The etc2ps.sh script, included in the Netatalk package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user...

Summary

Gentoo Linux Security Advisory GLSA 200410-25 https://security.gentoo.org/ Severity: Normal Title: Netatalk: Insecure tempfile handling in etc2ps.sh Date: October 25, 2004 Bugs: #66370 ID: 200410-25

Synopsis ======= The etc2ps.sh script, included in the Netatalk package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.
Background ========= Netatalk is a kernel level implementation of the AppleTalk Protocol Suite, which allows Unix hosts to act as file, print, and time serversfor Apple computers. It includes several script utilities, including etc2ps.sh.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ---------------...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo security fix symlink attack normal severity netatalk insecure tempfile handling

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo security fix symlink attack normal severity netatalk insecure tempfile handling

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here