Create an account

Subscribe to LWN

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

openSUSE and the distribution of proprietary software

LPC: What's happening with webcams

Weekly edition	Kernel	Security	Distributions	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ

claws-mail: insecure temp file

Package(s):

claws-mail

CVE #(s):

CVE-2007-6208

Created:

January 10, 2008

Updated:

January 16, 2008

Description:

Claws Mail creates temp files in an insecure manner. This can be used by a local attacker to make a symlink attack, allowing files with the local user's privileges to be overwritten.

Alerts:

Gentoo

2008-01-09

(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds