Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Ubuntu Local Security Checks >> USN104-1 : sharutils vulnerability


Vulnerability Assessment Details

USN104-1 : sharutils vulnerability

Vulnerability Assessment Summary
sharutils vulnerability

Detailed Explanation for this Vulnerability Assessment

Summary :

These remote packages are missing security patches :
- sharutils
- sharutils-doc


Description :

Joey Hess discovered that "unshar" created temporary files in an
insecure manner. This could permit a symbolic link attack to create or
overwrite arbitrary files with the rights of the user invoking the
program.

Solution :

Upgrade to :
- sharutils-4.2.1-10ubuntu0.2 (Ubuntu 4.10)
- sharutils-doc-4.2.1-10ubuntu0.2 (Ubuntu 4.10)



Network Security Threat Level: High


Networks Security ID:

Vulnerability Assessment Copyright: Ubuntu Security Notice (C) 2005 Canonical, Inc. / NASL script (C) 2005 Michel Arboi

Cables, Connectors

MICRON 4GB 1RX8 DDR3 SO-DIMM PC3-12800 1600MHZ LAPTOP MEMORY MT8KTF51264HZ-1G6E1
$22.95
MICRON 4GB 1RX8 DDR3 SO-DIMM PC3-12800 1600MHZ LAPTOP MEMORY MT8KTF51264HZ-1G6E1 picture80gb - Mix Lot of 40 - 2GB DDR3 10600U Desktop Memory Tested
$199.99
80gb - Mix Lot of 40 - 2GB DDR3 10600U Desktop Memory Tested  pictureFor Elpida 4GB 2x 2GB PC2-6400U DDR2-800 240P DIMM Intel Desktop Upgrade Memory
$0.01
For Elpida 4GB 2x 2GB PC2-6400U DDR2-800 240P DIMM Intel Desktop Upgrade Memory picture2pcs Kit 4gb Ddr3 Ram 1333 Mhz Desktop Memory Dimm Pc3-10600 Non Ecc 1.5v Ram
$52.99
2pcs Kit 4gb Ddr3  Ram 1333 Mhz Desktop Memory Dimm Pc3-10600 Non Ecc 1.5v Ram picture


Discussions

No Discussions have been posted on this vulnerability.