Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 568
Alerts This Week
Warning Icon 1 568

Gentoo: 200309-05 Critical: Mindi Local Exploit Insecure File Creation

gentoo
Calendar Grey September 2, 2003
Dist Gentoo Esm H88
Gentoo Linux Security Advisory concerning mindi: possible local exploit due to insecure file creation in /tmp folder. Immediate update recommended.
Mindi creates files in /tmp which could allow local user to overwritearbitrary files.

Summary


- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200309-05
- - ---------------------------------------------------------------------

- - ---------------------------------------------------------------------
Mindi creates files in /tmp which could allow local user to overwrite arbitrary files.
SOLUTION
It is recommended that all Gentoo Linux users who are running sys-apps/mindi upgrade to mindi-0.86 as follows:
emerge sync emerge mindi emerge clean
- - --------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at - - ---------------------------------------------------------------------

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
critical
Lowest
Low
Medium
High
Critical

PACKAGE : mindi
SUMMARY : insecure file creations
DATE : 2003-09-02 10:37 UTC
EXPLOIT : local
VERSIONS AFFECTED : =mindi-0.86
CVE : CAN-2003-0617

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround