|
|
| |
|
| |
libtool - Insecure handling of temporary files
| Package(s): | libtool |
CVE #(s): | |
| Created: | February 5, 2004 |
Updated: | March 8, 2004 |
| Description: |
GNU libtool consists of a set of shell scripts used to build shared
libraries.
Joseph S. Myers
and Stefan
Nordhausen independently found a vulnerability in the way
the ltmain.sh script (which is part of the libtool package) creates
temporary directories for its use.
A local attacker could exploit this vulnerability to change/delete
arbitrary files in the system on behalf of the user who is calling the
script. The vulnerability has been fixed in the 1.5.2 version of libtool. |
| Alerts: |
|
( Log in to post comments)
|
|
|