Описание
noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/noip2 temporary file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| no-ip | fixed | 2.1.9-1 | package |
Примечания
original issue doesn't seem to be present, however there is a tmprace in the init
script if it is used to debug with strace and a missing check for mkstemp failing
but these situations are really corner cases
Связанные уязвимости
ubuntu
около 17 лет назад
noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/noip2 temporary file.
nvd
около 17 лет назад
noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/noip2 temporary file.
github
больше 3 лет назад
noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/noip2 temporary file.