Packet Storm

what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Gentoo Linux Security Advisory 200407-1: Posted Jul 2, 2004; Authored by Gentoo | Site gentoo.org; Tavis Ormandy has discovered a vulnerability in esearch for Gentoo Linux, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The vulnerability is caused due to the eupdatedb utility creating the temporary file /tmp/esearchdb.py.tmp insecurely. This can be exploited via symlink attacks to create or overwrite arbitrary files with the privileges of the user invoking the utility.; tags | advisory, arbitrary, local; systems | linux, gentoo; SHA-256 | e59e3827b241da0be587c4f5008b80fa8f0fb686c731080a1ab72a5fff0eff55; Download | Favorite | View

Related Files

No related files

Top Authors In Last 30 Days

Red Hat 244 files
Ubuntu 65 files
LiquidWorm 24 files
Debian 18 files
indoushka 15 files
Apple 9 files
Google Security Research 7 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Tags

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,155)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,819)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,239)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,968)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec