Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2007-2838

The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file.

Related bugs and status

CVE-2007-2838 (Candidate) is related to these bugs:

Bug #123736: Please sync gsambad 1.6-2 (universe) from Debian unstable (main)

Summary				In	Importance	Status
	123736	Please sync gsambad 1.6-2 (universe) from Debian unstable (main)		gsambad (Ubuntu)	Wishlist	Fix Released

Bug #124629: [CVE-2007-2838] Unsafe tmp file usage

		In	Importance	Status
124629	[CVE-2007-2838] Unsafe tmp file usage	gsambad (Ubuntu)	Undecided	Fix Released
124629	[CVE-2007-2838] Unsafe tmp file usage	gsambad (Ubuntu Feisty)	Undecided	Fix Released
124629	[CVE-2007-2838] Unsafe tmp file usage	gsambad (Ubuntu Edgy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

DEBIAN: DSA-1327
BID: 24717
SECUNIA: 25909
SECUNIA: 25914
OSVDB: 37795
XF: gsambad-populateconns-...