2014-08-20
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
Products | Fedora, Readline, Mageia, Opensuse |
Type | Improper Link Resolution Before File Access ('Link Following') (CWE-59) |
First patch | - None (likely due to unavailable code) |
Links |
• http://www.mandriva.com/security/advisories?name=MDVSA-2015:132
• http://seclists.org/oss-sec/2014/q1/587
• https://bugzilla.redhat.com/show_bug.cgi?id=1077023
• http://www.mandriva.com/security/advisories?name=MDVSA-2014:154
• http://advisories.mageia.org/MGASA-2014-0319.html