Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Gentoo GLSA-200812-12 Normal: Honeyd Symlink Attack Risk

gentoo
Calendar Grey December 12, 2008
Dist Gentoo Esm H88
Honeyd running on Gentoo is vulnerable to insecure temporary file generation, which may expose it to symlink hijacking. It is advisable to perform an upgrade.
An insecure temporary file usage has been reported in Honeyd, possibly leading to symlink attacks.

Summary

Gentoo Linux Security Advisory GLSA 200812-12 https://security.gentoo.org/ Severity: Normal Title: Honeyd: Insecure temporary file creation Date: December 12, 2008 Bugs: #237481 ID: 200812-12

Synopsis ======= An insecure temporary file usage has been reported in Honeyd, possibly leading to symlink attacks.
Background ========= Honeyd is a small daemon that creates virtual hosts on a network.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/honeyd < 1.5c-r1 >= 1.5c-r1
========== Dmitry E. Oboukhov reported an insecure temporary file usage within the "test.sh" script.
Impact ===== A local attacker could perform symlink attacks and overwrite arbitrary...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo software update symlink attack temp file normal severity honeyd

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo software update symlink attack temp file normal severity honeyd

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here