oss-sec mailing list archives
CVE request: ibutils improper use of files in /tmp
From: Vincent Danen <vdanen () redhat com>
Date: Mon, 25 Mar 2013 15:49:01 -0600
It was reported on full-disclosure that ibutils suffers from improper use of files /tmp that could allow a user to clobber files as the user running ibutils (probably usually root). I didn't see a CVE request for this or anything show up here; if one hasn't been assigned, could it be? Thanks. References: http://seclists.org/fulldisclosure/2013/Mar/87 https://bugzilla.redhat.com/show_bug.cgi?id=927430 --Vincent Danen / Red Hat Security Response Team
Current thread:
- CVE request: ibutils improper use of files in /tmp Vincent Danen (Mar 25)
- Re: CVE request: ibutils improper use of files in /tmp Larry W. Cashdollar (Mar 25)
- Re: CVE request: ibutils improper use of files in /tmp Kurt Seifried (Mar 25)
- Re: CVE request: ibutils improper use of files in /tmp Larry W. Cashdollar (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Vincent Danen (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Vincent Danen (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Kurt Seifried (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Kurt Seifried (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Agostino Sarubbo (Mar 26)
- Re: CVE request: ibutils improper use of files in /tmp Larry W. Cashdollar (Mar 26)