|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Gentoo Local Security Checks >> [GLSA-200410-25] Netatalk: Insecure tempfile handling in etc2ps.sh Vulnerability Assessment Details
|
[GLSA-200410-25] Netatalk: Insecure tempfile handling in etc2ps.sh |
||
Netatalk: Insecure tempfile handling in etc2ps.sh Detailed Explanation for this Vulnerability Assessment The remote host is affected by the vulnerability described in GLSA-200410-25 (Netatalk: Insecure tempfile handling in etc2ps.sh) The etc2ps.sh script creates temporary files in world-writeable directories with predictable names. Impact A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When etc2ps.sh is executed, this would result in the file being overwritten with the rights of the user running the utility, which could be the root user. Workaround There is no known workaround at this time. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0974 Solution: All Netatalk users should upgrade to the latest version: # emerge sync # emerge -pv ">=net-fs/netatalk-1.6.4-r1" # emerge ">=net-fs/netatalk-1.6.4-r1" Network Security Threat Level: Medium Networks Security ID: Vulnerability Assessment Copyright: (C) 2005 Michel Arboi |
||
Cables, Connectors |
2 x HP ProLiant BL460c (447707-B21) Blade Servers No RAM No HDD
$30.00
IBM CS821 20-Core 2.827GHz 128Gb 1.92Tb SSD 1U Linux Server - 8005-12N Power 8
$449.96
1U BareMetal pfsense opnsense Router Firewall DNS Server 6x 10GB Ethernet Ports
$149.00
IBM E850 Power8 2x 12C 3.02GHz 512Gb 1.8Tb SAS 10GbE 16Gb Linux Server 8408-E8E
$674.96
PFSENSE 15" Depth Server Router Firewall Supermicro X11SSH-F E3-1240 V5 32GB RAM
$382.00
IBM Power8 S822L 20-Core 3.42GHz 256Gb 1.2Tb 40G Elastic Storage Server 5148-22L
$599.95
IBM 8247-21L S812L 10-core 3.42 GHz 128GB 2x 300gb 12x SFF Power8 Linux Server
$649.00
1U Open Source Router Firewall 6x 10GB Ethernet X10SLH-N6-ST031 E3-1270 V3 32GB
$429.00
Ubuntu 22.04.3 Desktop, Server, and Studio DVD Set SAME DAY SHIPPING
$7.49
Dell PowerEdge R730xd Server 2.60Ghz 32-Core 64GB 800GB SSD Debian Linux
$836.80
|
||
No Discussions have been posted on this vulnerability. |