CVE-2014-2524

Опубликовано: 20 авг. 2014

Источник: debian

Описание

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
readline6	fixed	6.3-7		package
readline6	no-dsa		wheezy	package
readline6	no-dsa		squeeze	package

Связанные уязвимости

CVE-2014-2524

ubuntu

больше 11 лет назад

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.

CVE-2014-2524

redhat

почти 12 лет назад

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.

CVE-2014-2524

nvd

больше 11 лет назад

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.

GHSA-hq65-wq6g-7mcc

github

больше 3 лет назад

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.