Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Gentoo: GLSA-200611-23 Normal: Mono Security Flaw in Temp File Management

gentoo
Calendar Grey November 28, 2006
Dist Gentoo Esm H88
A nearby user may take advantage of Mono's vulnerable file generation, endangering existing files. Update suggested for enhanced security.
Mono is vulnerable to linking attacks, potentially allowing a local user to overwrite arbitrary files.

Summary

Gentoo Linux Security Advisory GLSA 200611-23 https://security.gentoo.org/ Severity: Normal Title: Mono: Insecure temporary file creation Date: November 28, 2006 Bugs: #150264 ID: 200611-23

Synopsis ======= Mono is vulnerable to linking attacks, potentially allowing a local user to overwrite arbitrary files.
Background ========= Mono provides the necessary software to develop and run .NET client and server applications.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-lang/mono < 1.1.13.8.1 >= 1.1.13.8.1
========== Sebastian Krahmer of the SuSE Security Team discovered that the System.CodeDom.Compiler classes of Mono create temporary files with insecure per...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo temp file issue normal severity linking attack

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo temp file issue normal severity linking attack

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here