CVE-2006-1695 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-1695
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1695

Description: The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-[PID].

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25729 SUSE http://www.novell.com/linux/security/advisories/2006_19_sr.html SAID Secunia Advisory: SA19766 Secunia Advisory: SA19559 Secunia Advisory: SA20166 Secunia Advisory: SA21459 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200604-13.xml DEBIAN http://www.debian.org/security/2006/dsa-1068 CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=361370 BID 17436

Return to the previous page.