Bugtraq mailing list archives
rPSA-2007-0012-1 ed
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Tue, 23 Jan 2007 03:45:58 -0500
rPath Security Advisory: 2007-0012-1 Published: 2007-01-23 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Local User Non-deterministic Vulnerability Updated Versions: ed=/conary.rpath.com@rpl:devel//1/0.4-1-0.1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6939 https://issues.rpath.com/browse/RPL-962 Description: Previous versions of the ed package are vulnerable to a symlink attack which allows a local attacker to overwrite arbitrary files writeable by the user running ed with contents provided by the user running the ed program.
Current thread:
- rPSA-2007-0012-1 ed rPath Update Announcements (Jan 23)