|
CVE Reference: CVE-2007-0476
|
|
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.
|
|
Original Page at CVE MITRE:
CVE-2007-0476
|
|
Description:
The gencert.sh script, when installing OpenLDAP before 2.1.30-r10, 2.2.x before 2.2.28-r7, and 2.3.x before 2.3.30-r2 as an ebuild in Gentoo Linux, does not create temporary directories in /tmp securely during emerge, which allows local users to overwrite arbitrary files via a symlink attack.
|
|
CVE Status:
Candidate
|
|
References:
SAID
Secunia Advisory: SA23881
OSVDB
31617
GENTOO
http://security.gentoo.org/glsa/glsa-200701-19.xml
BID
22195
|
|
|
Return to the previous page.
|
