Date: Sun, 18 May 2008 07:54:48 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security@...ts.openwall.com Subject: Re: CVE id request: uudeview ====================================================== Name: CVE-2008-2266 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2266 Reference: MLIST:[oss-security] 20080514 Re: CVE id request: uudeview Reference: URL:http://www.openwall.com/lists/oss-security/2008/05/14/10 Reference: MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 Reference: BID:29211 Reference: URL:http://www.securityfocus.com/bid/29211 Reference: SECUNIA:30171 Reference: URL:http://secunia.com/advisories/30171 uulib/uunconc.c in UUDeview 0.5.20 allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.