oss-sec mailing list archives
Re: Insecure usage of temporary files in GNU Readline
From: cve-assign () mitre org
Date: Mon, 17 Mar 2014 11:24:57 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
sprintf (fnbuf, "/var/tmp/rltrace.%ld", getpid()); unlink(fnbuf); _rl_tracefp = fopen (fnbuf, "w+");
Use CVE-2014-2524. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJTJxJmAAoJEKllVAevmvmstlAIAIi0AcMJbpsK49FJhP6m9qob ej4X6ASQtA+naA9HyFZBlvZboJYS1WMoMyts69F1yMOMLzxwXCxazZbX/0+gMKj/ sVjmIQeAB6QQJkFESlzdD4j1kG81qfcC4E5rPVse9lzpstP9j9IkpefpfzcGAwg2 wrDO11+9kyzJKD5DVfZWoX+fGhwp0ebzZrRf4jeQ6nHMN5pvYPk36g0Uqo8nDof7 vwu2lNTF9PHNrzt3U+xF2CR4sJsmcrkzuh9XwEtIpEi/za4bL8Too6ITfRcdnbAz IEn/lORGcUuAQyWdPoTxcMb5Ge/4iCWx0zAlB7j6VGB1NZ4VgkK2tnDd2vh8jBM= =Cd3q -----END PGP SIGNATURE-----
Current thread:
- Insecure usage of temporary files in GNU Readline Steve Kemp (Mar 14)
- Re: Insecure usage of temporary files in GNU Readline cve-assign (Mar 17)