LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

lm-sensors: insecure temp files

Package(s):lm-sensors CVE #(s):CAN-2005-2672
Created:August 23, 2005 Updated:November 10, 2005
Description: Javier Fernández-Sanguino Peña noticed that the pwmconfig script created temporary files in an insecure manner. This could allow a symlink attack to create or overwrite arbitrary files with full root privileges since pwmconfig is usually executed by root.
Alerts:
Red Hat RHSA-2005:825-01 2005-11-10
Fedora FEDORA-2005-1054 2005-11-07
Fedora FEDORA-2005-1053 2005-11-07
Debian-Testing DTSA-17-1 2005-09-15
Debian DSA-814-1 2005-09-15
Gentoo 200508-19 2005-08-30
Mandriva MDKSA-2005:149 2005-08-25
Ubuntu USN-172-1 2005-08-23
(Log in to post comments)

lm-sensors: insecure temp files

Posted Aug 25, 2005 8:48 UTC (Thu) by mjcox@redhat.com (subscriber, #31775) [Link]

CAN-2005-2672

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds