diff options
author | Simon L. B. Nielsen <simon@FreeBSD.org> | 2004-12-30 17:55:08 +0000 |
---|---|---|
committer | Simon L. B. Nielsen <simon@FreeBSD.org> | 2004-12-30 17:55:08 +0000 |
commit | 019c6d58f76a1a3b6c16dc0f080b32d14b446265 (patch) | |
tree | eaad6b5fb01e4276ab8d12812db4093b5a6a8ce4 /security/vuxml/vuln.xml | |
parent | 5788986677c7ad00d3ab1e17f9064024bfefb3b2 (diff) | |
download | ports-019c6d58f76a1a3b6c16dc0f080b32d14b446265.tar.gz ports-019c6d58f76a1a3b6c16dc0f080b32d14b446265.zip |
Notes
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r-- | security/vuxml/vuln.xml | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 25572f601fa6..d8a6a9119246 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -32,6 +32,35 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="9168253c-5a6d-11d9-a9e7-0001020eed82"> + <topic>a2ps -- insecure temporary file creation</topic> + <affects> + <package> + <name>a2ps-a4</name> + <name>a2ps-letter</name> + <name>a2ps-letterdj</name> + <range><lt>4.13b_3</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>A Secunia Security Advisory reports that Javier + Fernández-Sanguino Peña has found temporary file + creation vulnerabilities in the fixps and psmandup scripts + which are part of a2ps. These vulnerabilities could lead to + an attacker overwriting arbitrary files with the credentials + of the user running the vulnerable scripts.</p> + </body> + </description> + <references> + <url>http://secunia.com/advisories/13641/</url> + </references> + <dates> + <discovery>2004-12-27</discovery> + <entry>2004-12-30</entry> + </dates> + </vuln> + <vuln vid="64c8cc2a-59b1-11d9-8a99-000c6e8f12ef"> <topic>libxine -- buffer-overflow vulnerability in aiff support</topic> <affects> |