User: Password:
Subscribe / Log in / New account

libdbi-perl: insecure temporary file

Package(s):libdbi-perl CVE #(s):CAN-2005-0077
Created:January 25, 2005 Updated:March 2, 2006
Description: Javier Fernández-Sanguino Peña from the Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library.
Fedora-Legacy FLSA:178989 perl-dbi 2006-03-01
Gentoo 200501-38:03 perl 2005-01-26
Red Hat RHSA-2005:072-01 perl-DBI 2005-02-15
Mandrake MDKSA-2005:030 perl-DBI 2005-02-08
Red Hat RHSA-2005:069-01 perl-DBI 2005-02-01
Gentoo 200501-38 perl 2005-01-26
Ubuntu USN-70-1 libdbi-perl 2005-01-25
Debian DSA-658-1 libdbi-perl 2005-01-25

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds