Lines 32-37
Link Here
|
32 |
|
32 |
|
33 |
--> |
33 |
--> |
34 |
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> |
34 |
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> |
|
|
35 |
<vuln vid="01bb84e2-bd88-11d9-a281-02e018374e71"> |
36 |
<topic>groff -- pic2graph and eqn2graph are vulnerable to symlink attack through temporary file</topic> |
37 |
<affects> |
38 |
<package> |
39 |
<name>ja-groff</name> |
40 |
<range><lt>1.18.1_8</lt></range> |
41 |
</package> |
42 |
</affects> |
43 |
<description> |
44 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
45 |
<p>The eqn2graph and pic2graph scripts in groff 1.18.1 |
46 |
allow local users to overwrite arbitrary files via |
47 |
a symlink attack on temporary files.</p> |
48 |
</body> |
49 |
</description> |
50 |
<references> |
51 |
<bid>12058</bid> |
52 |
<cvename>CAN-2004-1296</cvename> |
53 |
<url>http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286371</url> |
54 |
<url>http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286372</url> |
55 |
</references> |
56 |
<dates> |
57 |
<discovery>2004-12-20</discovery> |
58 |
<entry>2005-05-06</entry> |
59 |
</dates> |
60 |
</vuln> |
61 |
|
62 |
<vuln vid="169f422f-bd88-11d9-a281-02e018374e71"> |
63 |
<topic>groff -- groffer uses temp files unsafely</topic> |
64 |
<affects> |
65 |
<package> |
66 |
<name>ja-groff</name> |
67 |
<range><lt>1.18.1_8</lt></range> |
68 |
</package> |
69 |
</affects> |
70 |
<description> |
71 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
72 |
<p>The groffer script in the Groff package 1.18 and later versions |
73 |
allows local users to overwrite files via a symlink attack |
74 |
on temporary files.</p> |
75 |
</body> |
76 |
</description> |
77 |
<references> |
78 |
<bid>11287</bid> |
79 |
<cvename>CAN-2004-0969</cvename> |
80 |
<url>http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278265</url> |
81 |
</references> |
82 |
<dates> |
83 |
<discovery>2004-09-30</discovery> |
84 |
<entry>2005-05-06</entry> |
85 |
</dates> |
86 |
</vuln> |
87 |
|
35 |
<vuln vid="5f003a08-ba3c-11d9-837d-000e0c2e438a"> |
88 |
<vuln vid="5f003a08-ba3c-11d9-837d-000e0c2e438a"> |
36 |
<topic>sharutils -- unshar insecure temporary file creation</topic> |
89 |
<topic>sharutils -- unshar insecure temporary file creation</topic> |
37 |
<affects> |
90 |
<affects> |