fbida is vulnerable to linking attacks, potentially allowing a local user to overwrite arbitrary files.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200604-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: fbida: Insecure temporary file creation
      Date: April 23, 2006
      Bugs: #129470
        ID: 200604-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

fbida is vulnerable to linking attacks, potentially allowing a local user to overwrite arbitrary files.

Background
==========

fbida is a collection of image viewers and editors for the framebuffer console and X11.

Affected packages
=================

    -------------------------------------------------------------------
     Package          /  Vulnerable  /                     Unaffected
    -------------------------------------------------------------------
  1  media-gfx/fbida     < 2.03-r3                         >= 2.03-r3

Description
===========

Jan Braun has discovered that the "fbgs" script provided by fbida insecurely creates temporary files in the "/var/tmp" directory.

Impact
======

A local attacker could create links in the temporary file directory, pointing to a valid file somewhere on the filesystem. When an affected script is called, this could result in the file being overwritten with the rights of the user running the script.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All fbida users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-gfx/fbida-2.03-r3"

References
==========

  [ 1 ] CVE-2006-1695
        https://www.cve.org/CVERecord?id=CVE-2006-1695

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200604-13

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to

A temporary file problem has been discovered in xlsview from the catdoc suite of converters from Word to TeX and plain text, which could lead to local users being able to overwrite arbitrary files via a symlink attack on predictable temporary file names.

--------------------------------------------------------------------------
Debian Security Advisory DSA 575-1

Secunia Research reported an issue with the handling of temporary files. A malicious local user could use this flaw to access the contents of another user's open documents.

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated openoffice.org packages resolve security issue
Advisory ID:       RHSA-2004:446-01
Issue date:        2004-09-15
Updated on:        2004-09-15
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2004-0752
---------------------------------------------------------------------

1. Summary:

Updated openoffice.org packages that fix a security issue in temporary file handling are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386
Red Hat Desktop version 3 - i386
Red Hat Enterprise Linux ES version 3 - i386
Red Hat Enterprise Linux WS version 3 - i386

3. Problem description:

OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program.

Secunia Research reported an issue with the handling of temporary files. A malicious local user could use this flaw to access the contents of another user's open documents. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0752 to this issue.

All users of OpenOffice.org are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure that all previously released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/

5. RPMs required:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from

6. References:

About Secunia Research | Flexera
CVE - CVE-2004-0752

7. Contact:

The Red Hat security contact is . More contact details at

Copyright 2004 Red Hat, Inc.

Red Hat released a critical patch for OpenOffice.org addressing a local access vulnerability through temporary file handling.

Severity: Critical.

LinuxSecurity.com Team

The Gallery image upload code contains a temporary file handling vulnerability which could lead to execution of arbitrary commands.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                            GLSA 200409-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Gallery: Arbitrary command execution
      Date: September 02, 2004
      Bugs: #60742
        ID: 200409-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

The Gallery image upload code contains a temporary file handling vulnerability which could lead to execution of arbitrary commands.

Background
==========

Gallery is a PHP script for maintaining online photo albums.

Affected packages
=================

    -------------------------------------------------------------------
     Package           /  Vulnerable  /                    Unaffected
    -------------------------------------------------------------------
  1  www-apps/gallery     < 1.4.4_p2                       >= 1.4.4_p2

Description
===========

The upload handling code in Gallery places uploaded files in a temporary directory. After 30 seconds, these files are deleted if they are not valid images. However, since the file exists for 30 seconds, a carefully crafted script could be initiated by the remote attacker during this 30-second timeout. Note that the temporary directory has to be located inside the webroot and an attacker needs to have upload rights either as an authenticated user or via "EVERYBODY".

Impact
======

An attacker could run arbitrary code as the user running PHP.

Workaround
==========

There are several workarounds to this vulnerability:

* Make sure that your temporary directory is not contained in the webroot; by default it is located outside the webroot.
* Disable upload rights to all albums for "EVERYBODY"; upload is disabled by default.
* Disable debug and dev mode; these settings are disabled by default.
* Disable allow_url_fopen in php.ini.

Resolution
==========

All Gallery users should upgrade to the latest version:

    # emerge sync
    # emerge -pv ">=www-apps/gallery-1.4.4_p2"
    # emerge ">=www-apps/gallery-1.4.4_p2"

References
==========

  [ 1 ] Full Disclosure Announcement
  [ 2 ] Gallery Announcement
        ;name=News&file=article&sid=134&mode=thread&order=0&thold=0

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200409-05

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to

There is a security problem when using tmpnam() and fopen() in versions prior to 0.91.

---------------------------------------------------------------------
                   Red Hat, Inc. Security Advisory

Synopsis:          xpdf bugfix release
Advisory ID:       RHSA-2000:060-03
Issue date:        2000-09-13
Updated on:        2000-09-13
Product:           Red Hat Linux
Keywords:          security problem in temporary file and malicious URL.
Cross references:  N/A
---------------------------------------------------------------------

1. Topic:

Security problem in temporary file and malicious URL.

2. Relevant releases/architectures:

Red Hat Linux 5.2 - i386, alpha, sparc
Red Hat Linux 6.2 - i386, alpha, sparc

3. Problem description:

There is a security problem when using tmpnam() and fopen() in versions prior to 0.91. The problem is seen when a symlink is created between the calls to tmpnam() and fopen(), so that a root user overwrites the file the link points to. There is also a problem with URL-type links in PDF documents that contain quote characters, which could also be used to execute arbitrary commands. xpdf-0.91 fixes both of these security problems.

4. Solution:

For each RPM for your particular architecture, run:

    rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed ( for more info):

N/A

6. RPMs required:

Red Hat Linux 5.2: sparc: alpha: i386: sources:
Red Hat Linux 6.2: sparc: alpha: i386: sources:

7. Verification:

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command:

    rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

    rpm --checksig --nogpg

8. References:

Copyright(c) 2000 Red Hat, Inc.

The critical Red Hat advisory highlights xpdf temp file issues and malicious URLs, urging immediate updates for security.

Severity: Critical.

LinuxSecurity.com Team
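
The symlink problem these advisories describe (a predictable temporary name in fbgs and xlsview, tmpnam() followed by fopen() in xpdf) and the usual correction, shown as an added example that is not code from any of those packages. The function names and the sandbox paths are constructed for illustration.

```c
/* Added example, not code from xpdf, fbida or catdoc; all paths are constructed. */
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Vulnerable pattern: the name was picked earlier (tmpnam(), or a fixed name
 * under /var/tmp). fopen("w") follows a symlink already present at that name
 * and truncates the file it points to. */
static int write_predictable(const char *path, const char *data) {
    FILE *f = fopen(path, "w");
    if (!f) return -1;
    fputs(data, f);
    return fclose(f);
}

/* Hardened: O_CREAT|O_EXCL creates the file atomically and fails with EEXIST
 * if anything, a symlink included, already exists at the path. */
static int write_exclusive(const char *path, const char *data) {
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;
    ssize_t n = write(fd, data, strlen(data));
    return (close(fd) == 0 && n == (ssize_t)strlen(data)) ? 0 : -1;
}

/* Constructed scenario in a private mkdtemp() sandbox: a symlink already sits
 * at the temporary name. Returns 1 if the link target kept its content after
 * the chosen writer ran, 0 if it was overwritten, -1 on setup failure. */
int target_survives(int hardened) {
    char dir[] = "/tmp/tmpdemo-XXXXXX", target[64], tmp[64], buf[32] = "";
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(tmp, sizeof tmp, "%s/app.tmp", dir);
    if (write_exclusive(target, "original") != 0 || symlink(target, tmp) != 0)
        return -1;
    if (hardened) write_exclusive(tmp, "scratch");
    else          write_predictable(tmp, "scratch");
    FILE *f = fopen(target, "r");
    if (f) { if (!fgets(buf, sizeof buf, f)) buf[0] = '\0'; fclose(f); }
    unlink(tmp); unlink(target); rmdir(dir);
    return strcmp(buf, "original") == 0;
}

int main(void) {
    printf("fopen on chosen name: target intact = %d\n", target_survives(0));
    printf("open with O_EXCL:     target intact = %d\n", target_survives(1));
    return 0;
}
```

mkstemp() combines the name choice and the exclusive open in a single call, which is why it is the usual replacement for a tmpnam()/fopen() pair.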