Libcgi-session-perl Multiple Insecure Temporary File Creation Vulnerabilities
BID:17177
Info
Libcgi-session-perl Multiple Insecure Temporary File Creation Vulnerabilities
| Bugtraq ID: | 17177 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Mar 21 2006 12:00AM |
| Updated: | Mar 21 2006 10:44PM |
| Credit: | Reported by Joey Hess <[email protected]>. |
| Vulnerable: |
Debian libcgi-session-perl 4.03-1 |
| Not Vulnerable: | |
Discussion
Libcgi-session-perl Multiple Insecure Temporary File Creation Vulnerabilities
The libcgi-session-perl package is prone to multiple vulnerabilities -- it creates temporary files in an insecure manner. An attacker could exploit these vulnerabilities to overwrite files or gain access to information in sensitive files.
Version 4.03-1 of libcgi-session-perl is vulnerable. Other versions may also be affected.
The libcgi-session-perl package is prone to multiple vulnerabilities -- it creates temporary files in an insecure manner. An attacker could exploit these vulnerabilities to overwrite files or gain access to information in sensitive files.
Version 4.03-1 of libcgi-session-perl is vulnerable. Other versions may also be affected.
Exploit / POC
Libcgi-session-perl Multiple Insecure Temporary File Creation Vulnerabilities
An exploit is not required.
An exploit is not required.
Solution / Fix
Libcgi-session-perl Multiple Insecure Temporary File Creation Vulnerabilities
Solution:
These issues will be addressed in libcgi-session-perl 4.07-1.
Solution:
These issues will be addressed in libcgi-session-perl 4.07-1.
References
Libcgi-session-perl Multiple Insecure Temporary File Creation Vulnerabilities
References:
References:
- Debian Bug report logs - #356555 (Debian)