LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

cdrecord: insecure temp file

Package(s):cdrecord CVE #(s):CAN-2005-0866
Created:March 24, 2005 Updated:April 28, 2005
Description: The cdrecord utility makes insecure temp files if DEBUG is enabled in /etc/cdrecord/rscsi. This can allow a local user to launch a sym link attack and execute code with the user's privileges.
Alerts:
Mandriva MDKSA-2005:077 2005-04-20
Ubuntu USN-100-1 2005-03-24
(Log in to post comments)

cdrecord: insecure temp file

Posted Apr 28, 2005 7:45 UTC (Thu) by mjc@redhat.com (guest, #2303) [Link]

CAN-2005-0866

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds