1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
Candidate: CVE-2009-0416
PublicDate: 2009-02-03
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0416
Description:
The SSL certificate setup program (genSslCert.sh) in Standards Based Linux
Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local
users to overwrite arbitrary files via a symlink attack on the (1)
/var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary
files.
Ubuntu-Description:
Notes:
Bugs:
http://sourceforge.net/tracker/index.php?func=detail&aid=2561165&group_id=128809&atid=712784
Priority: low
Discovered-by:
Assigned-to:
Patches_sblim-sfcb:
upstream_sblim-sfcb: released (1.3.3)
dapper_sblim-sfcb: DNE
gutsy_sblim-sfcb: DNE
hardy_sblim-sfcb: DNE
intrepid_sblim-sfcb: needed (reached end-of-life)
jaunty_sblim-sfcb: ignored (reached end-of-life)
karmic_sblim-sfcb: not-affected (1.3.4-0ubuntu2)
lucid_sblim-sfcb: not-affected
maverick_sblim-sfcb: not-affected
devel_sblim-sfcb: not-affected
|