Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Gentoo: GLSA 2023-07-15 Normal: XYZ Library Vulnerability Exploit

gentoo
Calendar Grey March 7, 2009
Dist Gentoo Esm H88
Fortify your Gentoo setup against gEDA's vulnerability regarding unprotected temp files by following this guide to prevent symbolic link exploits.
An insecure temporary file usage has been reported in gEDA, allowing for symlink attacks.

Summary

Gentoo Linux Security Advisory GLSA 200903-08 https://security.gentoo.org/ Severity: Normal Title: gEDA: Insecure temporary file creation Date: March 07, 2009 Bugs: #247538 ID: 200903-08

Synopsis ======= An insecure temporary file usage has been reported in gEDA, allowing for symlink attacks.
Background ========= gEDA is an Electronic Design Automation tool used for electrical circuit design.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sci-electronics/geda < 1.4.0-r1 >= 1.4.0-r1
========== Dmitry E. Oboukhov reported an insecure temporary file usage within the sch2eaglepos.sh script.
Impact ===== A local attacker could perform symlink attacks to overwrite arb...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo symlink attack insecure file normal severity

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo symlink attack insecure file normal severity

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here