Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Gentoo: GLSA-200812-08 Normal: Mgetty Symlink Attack Exploit

gentoo
Calendar Grey December 6, 2008
Dist Gentoo Esm H88
A vulnerability in the Gentoo Mgetty package related to insecure temporary file handling can lead to symlink attacks, posing serious security risks that require immediate updates
Mgetty uses temporary files in an insecure manner, allowing for symlink attacks.

Summary

Gentoo Linux Security Advisory GLSA 200812-08 https://security.gentoo.org/ Severity: Normal Title: Mgetty: Insecure temporary file usage Date: December 06, 2008 Bugs: #235806 ID: 200812-08

Synopsis ======= Mgetty uses temporary files in an insecure manner, allowing for symlink attacks.
Background ========= Mgetty is a set of fax and voice modem programs.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-dialup/mgetty < 1.1.36-r2 >= 1.1.36-r2
========== Dmitry E. Oboukhov reported that the "spooldir" directory in fax/faxspool.in is created in an insecure manner.
Impact ===== A local attacker could exploit this vulnerability to overwrite arbi...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo symlink attack local attack mgetty normal severity temporary file usage

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns


Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/4093865_4c9dbbdde36eef04251a4ced7eac4df9 on line 11

Topics%20covered

Topics Covered

security advisory gentoo symlink attack local attack mgetty normal severity temporary file usage

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here