blob: 1c4ed743c42d872487bed4d7b8ed346ec5637e91 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
source: smb4k
date: December 5th, 2005
author: Neil McGovern
vuln-type: access validation error
problem-scope: local
debian-specifc: no
cve: CVE-2005-2851
vendor-advisory: http://smb4k.berlios.de
testing-fix: 0.6.4-0.0etch1
sid-fix: 0.6.4-1
upgrade: apt-get install smb4k
CVE-2005-2851
A vulnerability leading to unauthorized file access has been found. A
pre-existing symlink from /tmp/sudoers and /tmp/super.tab to a textfile
will cause Smb4k to write the contents of these files to the target of the
symlink, as Smb4k does not check for the existence of these files before
writing to them.
|