oss-sec mailing list archives
Re: CVE id request: uudeview
From: "Steven M. Christey" <coley () linus mitre org>
Date: Sun, 18 May 2008 07:54:48 -0400 (EDT)
====================================================== Name: CVE-2008-2266 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2266 Reference: MLIST:[oss-security] 20080514 Re: CVE id request: uudeview Reference: URL:http://www.openwall.com/lists/oss-security/2008/05/14/10 Reference: MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 Reference: BID:29211 Reference: URL:http://www.securityfocus.com/bid/29211 Reference: SECUNIA:30171 Reference: URL:http://secunia.com/advisories/30171 uulib/uunconc.c in UUDeview 0.5.20 allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression.
Current thread:
- CVE id request: uudeview Nico Golde (May 13)
- Re: CVE id request: uudeview Nico Golde (May 14)
- Re: CVE id request: uudeview Steven M. Christey (May 18)
- Re: CVE id request: uudeview Robert Buchholz (May 30)
- Re: CVE id request: uudeview Nico Golde (May 14)