Title : Debian Security Update Fixes crip Insecure Temporary Files Issue VUPEN ID : VUPEN/ADV-2005-0916 CVE ID : CVE-2005-0393 CWE ID : CWE-
Rated as : Low Risk
Remotely Exploitable : No Locally Exploitable : Yes Release Date : 2005-06-30
Technical Description
Debian has released a security patch to correct a vulnerability identified in crip. The problem is that crip insecurely creates temporary files, which could be exploited by a local attacker to overwrite arbitrary files via symlink attacks.
