SUSE Tetex tmp File Existence Disclosure Vulnerability
BID:13072
Info
SUSE Tetex tmp File Existence Disclosure Vulnerability
| Bugtraq ID: | 13072 |
| Class: | Design Error |
| CVE: |
CVE-2005-1065 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 08 2005 12:00AM |
| Updated: | Jul 12 2009 12:56PM |
| Credit: | Announced by the vendor. |
| Vulnerable: |
SuSE Linux 8.1 SuSE Linux 8.0 i386 SuSE Linux 8.0 SuSE Linux 7.3 sparc SuSE Linux 7.3 ppc SuSE Linux 7.3 i386 SuSE Linux 7.3 SuSE Linux 7.2 i386 SuSE Linux 7.2 SuSE Linux 7.1 x86 SuSE Linux 7.1 sparc SuSE Linux 7.1 ppc SuSE Linux 7.1 alpha SuSE Linux 7.1 SuSE Linux 7.0 sparc SuSE Linux 7.0 ppc SuSE Linux 7.0 i386 SuSE Linux 7.0 alpha SuSE Linux 7.0 SuSE Linux 6.4 ppc SuSE Linux 6.4 i386 SuSE Linux 6.4 alpha SuSE Linux 6.4 SuSE Linux 6.3 ppc SuSE Linux 6.3 alpha SuSE Linux 6.3 SuSE Linux 6.2 SuSE Linux 6.1 alpha SuSE Linux 6.1 SuSE Linux 6.0 SuSE Linux 5.3 SuSE Linux 5.2 SuSE Linux 5.1 SuSE Linux 5.0 SuSE Linux 4.4.1 SuSE Linux 4.4 SuSE Linux 4.3 SuSE Linux 4.2 SuSE Linux 4.0 SuSE Linux 3.0 SuSE Linux 2.0 SuSE Linux 1.0 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 |
| Not Vulnerable: | |
Discussion
SUSE Tetex tmp File Existence Disclosure Vulnerability
teTex is prone to a symbolic link issue that could allow users to determine the existence of files in directories they do not have permission to access.
Information gathered through this vulnerability could be used to carry out further attacks against the computer.
teTex is prone to a symbolic link issue that could allow users to determine the existence of files in directories they do not have permission to access.
Information gathered through this vulnerability could be used to carry out further attacks against the computer.
Exploit / POC
SUSE Tetex tmp File Existence Disclosure Vulnerability
No exploit code is required.
No exploit code is required.
Solution / Fix
SUSE Tetex tmp File Existence Disclosure Vulnerability
Solution:
SUSE has released an advisory (SUSE-SR:2005:010) and fixes for this issue. Please see the referenced advisory for information on obtaining fixes.
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.2 x86_64
Solution:
SUSE has released an advisory (SUSE-SR:2005:010) and fixes for this issue. Please see the referenced advisory for information on obtaining fixes.
S.u.S.E. Linux Personal 8.2
-
SuSE tetex-2.0.1-96.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/tetex-2.0.1-96.i5 86.rpm
S.u.S.E. Linux Personal 9.0
-
SuSE tetex-2.0.2-212.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/tetex-2.0.2-212.i 586.rpm
S.u.S.E. Linux Personal 9.0 x86_64
-
SuSE tetex-2.0.2-212.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/tetex-2.0.2-2 12.x86_64.rpm
S.u.S.E. Linux Personal 9.1 x86_64
-
SuSE tetex-2.0.2-195.15.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/tetex-2.0.2-1 95.15.x86_64.rpm
S.u.S.E. Linux Personal 9.1
-
SuSE tetex-2.0.2-195.15.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/tetex-2.0.2-195.1 5.i586.rpm
S.u.S.E. Linux Personal 9.2
-
SuSE tetex-2.0.2-198.7.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/tetex-2.0.2-198.7 .i586.rpm
S.u.S.E. Linux Personal 9.2 x86_64
-
SuSE tetex-2.0.2-198.7.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/tetex-2.0.2-1 98.7.x86_64.rpm
References
SUSE Tetex tmp File Existence Disclosure Vulnerability
References:
References: