oss-sec mailing list archives
Re: CVE request: /tmp file vulnerability in ace
From: cve-assign () mitre org
Date: Thu, 11 Sep 2014 03:33:17 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
bin/generate_doxygen.pl line 177 "/tmp/".$i.".".$$.".doxygen"; This path is later opened for writing. http://bugs.debian.org/760709
Use CVE-2014-6311.
An interesting find is bin/g++-dep line 63:TMP=/tmp/g++dep$$This path is also used for writing.
As far as we can tell, there is no bin/g++-dep in the download.dre.vanderbilt.edu upstream distribution. The bin/g++-dep issue, if confirmed, would not be within the scope of CVE-2014-6311. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJUEU9/AAoJEKllVAevmvmsTgcIAJAqv12JKagw5jgNdo2m2bPE X5fM+YJxkNevkEaA0XEwlaXTC3ZnMMoZ/LG589AUJPvP7TWW8iyhD+k0k5AC6Tr8 sEtgOaXoP47vzY2ZxBM5CWzBrkpdd0lmccRgiVnDJ/LUQQybszdN/yAW/rAnDPwn PNIfReANHYqLjNIPHzYZW7vhRh/9kppvQ6vQpvQ3wMlUbnWomVLEkGakeDuNHsiy USdap+bIb1Dg+1LKbWe+Nu+TqfPyZ/A8jwnT7l0LawPhw/8iOgIyf0UvRfkXUhGK v+sU81J2/nABk8ni38v4ZTnziS69zpajzZmvjz30J0Jf8OiXp91rLVobvFSWuEA= =+tJB -----END PGP SIGNATURE-----
Current thread:
- CVE request: /tmp file vulnerability in ace Helmut Grohne (Sep 07)
- Re: CVE request: /tmp file vulnerability in ace cve-assign (Sep 11)
- Re: CVE request: /tmp file vulnerability in ace Helmut Grohne (Sep 12)
- Re: CVE request: /tmp file vulnerability in ace cve-assign (Sep 12)
- Re: CVE request: /tmp file vulnerability in ace Helmut Grohne (Sep 12)
- Re: CVE request: /tmp file vulnerability in ace cve-assign (Sep 11)